The halt script performs the same actions as "shutdown -h now". The shutdown script can only be run by root. The halt script, which points to /usr/bin/consolehelper allows a remote, unprivledged user to execute the halt command, thus halting the machine. This is an explotable DoS attack, for any RedHat machine that allows remote shell access. This is the default installation of RedHat 7.0.
This has nothing to do with console-tools, reassigning... Also, I think the default setting is to let only local users shut down the system.
Sorry for the console-tools assignment, that was a guess. I just tested this on a RedHat 7.0 box with a normal user (ie., no special group perms, etc.) from a simple telnet session and I was able to halt the remote box. My original assumption was that this was only for console users as well, but it turns out that it is remote exploitable.
Do you have the latest usermode errata (1.37) installed? I can't reproduce this problem with all of the current errata, although it was possible prior to one of the usermode errata updates.
The usermode 1.37 errata fixes the problem. The description for the patch says nothing specific that would have lead me to believe that it fixed this problem. It does mention that it fixes a "potential" security problem in userhelper, but I don't know if this is what was meant. Thanks for the help.
OK, resolving as fixed in the errata release.