Bug 19526 - /usr/bin/reboot - ruh oh
Status: CLOSED NOTABUG
Product: Red Hat Linux
Classification: Retired
Component: usermode
Version: 7.0
Hardware: i386 Linux
Priority: medium, Severity: medium
Assigned To: Nalin Dahyabhai
QA Contact: David Lawrence
Keywords: Security
Reported: 2000-10-21 16:02 EDT by Need Real Name
Modified: 2007-04-18 12:29 EDT
Last Closed: 2000-10-22 21:49:04 EDT

Description Need Real Name 2000-10-21 16:02:28 EDT
greetings --

there seems to be a bit of a problem with /usr/bin/reboot - sym link to
/usr/bin/consolehelper.  when a non root user executes the command locally,
the system will reboot.  it does not seem to affect it when executed via
telnet or ssh.  seems that the default permissions are wrong?.. perhaps? 
anyways, seems pretty bad to me, maybe it's designed to be that way -- 
sorta doubt it.

i have tested this on 3 different machines, all running redhat 7.0.

Jeff Iddings
jeff@purplenet.net
Comment 1 Chris Evans 2000-10-21 16:06:40 EDT
I suspect this isn't a bug.
I bet the user running "reboot" is logged on either at a virtual console or on
the X console, as well as via telnet/ssh.
If you can get a user who is ONLY logged on via telnet or ssh to do a reboot,
that's a problem.
Comment 2 Need Real Name 2000-10-21 16:13:05 EDT
well, i just tested it three more times, on three different machines.  all users
logged out..  i log in, under a normal user account, and type "reboot".  it
does. :)  is that normal?

Jeff
Comment 3 Need Real Name 2000-10-21 16:18:35 EDT
oh, yeah.. i'm logging into tty0.

Jeff
Comment 4 David Lawrence 2000-10-21 21:23:32 EDT
I am sure this is by design. When a user is logged in from the actual console,
either from X or from a regular login prompt, that normal user can reboot or halt
the machine because of the symlink to consolehelper. Hence most standalone
workstations. Persons logged in remotely (ssh or telnet), unless they are
root, cannot reboot or halt a machine. One way to check is to do a 'who' command
and see if your name shows up in the list with a ttyX (can reboot) or a pts/X
(cannot reboot). Does this answer help answer the issue?
Comment 5 Ignacio Vazquez-Abrams 2000-10-22 21:49:04 EDT
Here's the contents of /etc/pam.d/reboot:

#%PAM-1.0
auth       sufficient   /lib/security/pam_rootok.so
auth       required     /lib/security/pam_console.so
#auth       required    /lib/security/pam_stack.so service=system-auth
account    required     /lib/security/pam_permit.so

Do you see the third line, the one that has "console" in it? Comment that out to
disable "reboot" from the console. Repeat with any /etc/pam.d/.* files you
require.
Comment 6 Nalin Dahyabhai 2000-11-03 15:22:07 EST
Removing the reference to pam_console will allow users logged in anywhere to
reboot the system.  If you wish to prevent users who are logged in at the
console from rebooting the system, you need to add the line "USER=root" to the
file "/etc/security/console.perms/reboot" or remove the usermode package
altogether.
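
An added example, not part of the bug thread or of the usermode package: a shell function that lists which service files in a PAM directory carry an active (uncommented) pam_console.so auth line, the line discussed in comments 5 and 6. The function names and the sample "halt" and "su" files are constructed for illustration; only the "reboot" file is the one quoted in comment 5.

```shell
#!/bin/sh
# audit_pam_console DIR
# Prints "<service> <control>" for every file in DIR whose auth stack has an
# uncommented pam_console.so entry, i.e. a service console users may invoke.
audit_pam_console() {
    dir=$1
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        # Skip comment lines; accept the module as a bare name or a full path.
        awk -v svc="$(basename "$f")" '
            /^[ \t]*#/ { next }
            $1 == "auth" && $3 ~ /(^|\/)pam_console\.so$/ { print svc, $2 }
        ' "$f"
    done
}

# make_sample: builds a constructed PAM directory so the example runs offline.
make_sample() {
    d=$(mktemp -d) || return 1
    # /etc/pam.d/reboot exactly as quoted in comment 5.
    cat > "$d/reboot" <<'EOF'
#%PAM-1.0
auth       sufficient   /lib/security/pam_rootok.so
auth       required     /lib/security/pam_console.so
#auth       required    /lib/security/pam_stack.so service=system-auth
account    required     /lib/security/pam_permit.so
EOF
    # Constructed: the same stack with the pam_console line commented out.
    sed 's/^auth\( .*pam_console\)/#auth\1/' "$d/reboot" > "$d/halt"
    # Constructed: a service that never references pam_console.
    printf 'auth required /lib/security/pam_stack.so service=system-auth\n' > "$d/su"
    echo "$d"
}

# With an argument, audit that directory; otherwise run on the sample tree.
if [ -n "${1:-}" ]; then
    audit_pam_console "$1"
else
    d=$(make_sample) && audit_pam_console "$d" && rm -rf "$d"
fi
```

Run it as `sh script.sh /etc/pam.d` to see which helper commands on a host are gated by console presence.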
