Bug 466610 - Gnome-session shouldn't allow shutdown for non privileged users
Summary: Gnome-session shouldn't allow shutdown for non privileged users
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Fedora
Classification: Fedora
Component: gnome-session
Version: rawhide
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Ray Strode [halfline]
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2008-10-11 07:53 UTC by Quentin Armitage
Modified: 2008-10-11 16:38 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2008-10-11 16:38:59 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)

Description Quentin Armitage 2008-10-11 07:53:32 UTC 
Description of problem:
Gnome-session allows non privileged users to suspend, hibernate, shutdown or restart the system. This is inconsistent with /sbin/shutdown.

Version-Release number of selected component (if applicable):
All recent

How reproducible:
Always

Steps to Reproduce:
1.Select System/Shutdown from Gnome menu bar
2.
3.
  
Actual results:
Non-privileged user can shut the system down

Expected results:
If running as a non-privileged user, it should prompt for root password

Additional info:
Comment 1 Ray Strode [halfline] 2008-10-11 16:38:59 UTC 
The default policy is to allow "console" users the ability to shutdown or reboot.

A "console" user is roughly defined as someone sitting at the physical machine (where they could just yank the plug).  The accounting for this is managed by a service called ConsoleKit.  You can see a list of currently logged in users and whether they're local or not by running:

ck-list-sessions

This policy is configurable, though, via PolicyKit and the gnome-polkit-authorization tool.
Note You need to log in before you can comment on or make changes to this bug.