Bug 18576 - RHL7.0 Any user can reboot or halt
RHL7.0 Any user can reboot or halt
Status: CLOSED DUPLICATE of bug 17882
Product: Red Hat Linux
Classification: Retired
Component: usermode (Show other bugs)
i686 Linux
high Severity high
: ---
: ---
Assigned To: Nalin Dahyabhai
David Lawrence
Depends On:
  Show dependency treegraph
Reported: 2000-10-06 17:50 EDT by mmv
Modified: 2006-02-21 13:47 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2006-02-21 13:47:47 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description mmv 2000-10-06 17:50:36 EDT

I just found an issue after installing RHL7.0 from your ISO image:

Any user can execute the halt or reboot commands, even logged from the
network, on a shell. Perhaps this only happens to me, or perhaps this is
an intended feature, but as it has puzzled me I thought I'd better report
it, just in case.

My system: K7-750 on ASUS-K7V RHL7.0 64MB 20MB-HD

If you need to know more just contact me. I'll be available during the

And if it is NOT a bug, sorry for the nuisance.

Manuel Moran. (Spain)
Comment 1 Nalin Dahyabhai 2000-10-06 17:54:14 EDT
When the user is logged in remotely, are they also simultaneously logged in at
the console?  The access checking does not check which terminal the user is on,
just that he or she is also logged in on the console.
Comment 2 mmv 2000-10-07 10:42:42 EDT
YES! When the user is JUST logged in remotely but not from the console, halt and
reboot prompt for a password.

It seems like it is an intended feature. The change from the last version (6.2
in which they prompted always for password) made me think it was such a big bug.

Comment 3 Peter van Egdom 2002-07-31 14:44:23 EDT
This (quite serious) bug is still present in 
Red Hat Linux - Limbo (beta 2) 7.3.93.

Instead of a reboot or halting the system, the "halt" or "reboot" program
should ask for the superuser password, when typed in by a regular user.

I quote from the manpage of halt:

 "If you're not the superuser, you will get the message `must be superuser' "
Comment 4 Leonard den Ottolander 2004-02-04 09:16:00 EST
This bug can be closed "NOTABUG". This has been asked repeatedly.
Since local users are able to pull the plug or push the power button
there is no use to disallow them to shutdown the box cleanly from the
command line.

The man page might need fixing to reflect that the above is not true
for local users due to the reasons I mentioned.
Comment 5 Miloslav Trmac 2004-02-04 18:03:28 EST

*** This bug has been marked as a duplicate of 17882 ***
Comment 6 Red Hat Bugzilla 2006-02-21 13:47:47 EST
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.

Note You need to log in before you can comment on or make changes to this bug.