Bug 466610 - Gnome-session shouldn't allow shutdown for non privileged users
Gnome-session shouldn't allow shutdown for non privileged users
Status: CLOSED NOTABUG
Product: Fedora
Classification: Fedora
Component: gnome-session (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Ray Strode [halfline]
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-10-11 03:53 EDT by Quentin Armitage
Modified: 2008-10-11 12:38 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-10-11 12:38:59 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Quentin Armitage 2008-10-11 03:53:32 EDT
Description of problem:
Gnome-session allows non privileged users to suspend, hibernate, shutdown or restart the system. This is inconsistent with /sbin/shutdown.

Version-Release number of selected component (if applicable):
All recent

How reproducible:
Always

Steps to Reproduce:
1.Select System/Shutdown from Gnome menu bar
2.
3.
  
Actual results:
Non-privileged user can shut the system down

Expected results:
If running as a non-privileged user, it should prompt for root password

Additional info:
Comment 1 Ray Strode [halfline] 2008-10-11 12:38:59 EDT
The default policy is to allow "console" users the ability to shutdown or reboot.

A "console" user is roughly defined as someone sitting at the physical machine (where they could just yank the plug).  The accounting for this is managed by a service called ConsoleKit.  You can see a list of currently logged in users and whether they're local or not by running:

ck-list-sessions

This policy is configurable, though, via PolicyKit and the gnome-polkit-authorization tool.

Note You need to log in before you can comment on or make changes to this bug.