Bug 52010 - Can Shutdown/Restart Server w/o Logging In
Summary: Can Shutdown/Restart Server w/o Logging In
Status: CLOSED NOTABUG
Alias: None
Product: Red Hat Public Beta
Classification: Retired
Component: gdm (Show other bugs)
(Show other bugs)
Version: roswell
Hardware: i386 Linux
medium
medium
Target Milestone: ---
Assignee: Havoc Pennington
QA Contact: Aaron Brown
URL:
Whiteboard:
Keywords: Security
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2001-08-18 14:19 UTC by Brian Z
Modified: 2007-04-18 16:36 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2001-08-20 13:53:14 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description Brian Z 2001-08-18 14:19:23 UTC
Description of Problem:
At the GDM login prompt, I am able to shutdown and restart the server 
without logging in.  This shows a lack of security, since any user can 
walk by the computer and shutdown/restart it.  Win NT Server & 2000 
Server force the administrator to log in to use these options.

Version-Release number of selected component (if applicable):
2.2.3.1-8

How Reproducible:
Always

Steps to Reproduce:
1.  At the GDM Login Prompt, click System
2.  Click Shutdown or Restart
3.  Watch System Shutdown/Restart

Actual Results:
Server restarts/shutdown.

Expected Results:
To be Prompted for root password to restart/shutdown.

Additional Information:
n/a

Comment 1 Havoc Pennington 2001-08-20 14:56:11 UTC
You can also type "ctrl-alt-del" at the console, always have been able to.

If you want to disable this, there are options in /etc/X11/gdm/gdm.conf, and 
you can turn off ctrl-alt-del in /etc/inittab. People can still hit the power
button though, if you haven't physically concealed it.


Note You need to log in before you can comment on or make changes to this bug.