Bug 55987 - Normal users can issue the reboot command to reboot the system
Normal users can issue the reboot command to reboot the system
Status: CLOSED DUPLICATE of bug 17882
Product: Red Hat Linux
Classification: Retired
Component: usermode (Show other bugs)
7.2
i686 Linux
medium Severity medium
: ---
: ---
Assigned To: Nalin Dahyabhai
David Lawrence
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2001-11-09 16:35 EST by Danny Crawford
Modified: 2007-04-18 12:38 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2002-01-18 14:36:23 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Danny Crawford 2001-11-09 16:35:42 EST
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)

Description of problem:
I just installed the downloadable version of RH 7.2 and added a user with 
the username of drc (adduser drc) and then I gave that user a password 
(passwd drc). After loggin in to the new normal user account I was able 
to use the reboot command to reboot the system. I think this is a serious 
security problem.

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. Login as normal user "drc"
2. Issue "reboot"
3. System reboots
	

Actual Results:  The server reboots when normal users use the reboot 
command.

Expected Results:  Only root has access to reboot the system.

Additional info:
Comment 1 Michael Schwendt 2001-11-10 19:40:20 EST
It's not a bug, it's a feature. A user at the console could also pull the plug.
:)

Hint: See output of "which reboot".
Comment 2 Jukka Lehti 2001-12-20 13:24:41 EST
This is a very critical bug! I just tested logging into a RH7.2 (+latest errata)
box as a normal user and the machine rebooted after I issued the 'reboot'
command. 'w' showed my TTY was pts/4 before I 'reboot'ed.
Comment 3 Igor 2002-01-11 02:14:51 EST
Yes...   this IS A SERIOUS BUG !!!...  I lost 2 days of work (chip simulation)
because another regular user re-booted the system !!!!!

Igor
Comment 4 Michael Schwendt 2002-01-12 12:29:47 EST
$ ll `which reboot` | cut -b57-
/usr/bin/reboot -> consolehelper

As I wrote before, this is not a bug. This is even documented in the "The
Official Red Hat Linux Customization Guide" which is shipped on the docs CD or
online here:

https://www.redhat.com/docs/manuals/linux/RHL-7.2-Manual/custom-guide/console-access.html#S1-ACCESS-CONSOLE-CTRLALTDEL
https://www.redhat.com/docs/manuals/linux/RHL-7.2-Manual/custom-guide/s1-access-console-program.html
Comment 5 nathan hubbard 2002-01-18 14:36:18 EST
This same problem also exists for the "halt", "v4l-conf" and "poweroff".  If a
user stays logged into the console, they can (days later) ssh into the machine
from remote as that same user and execute any of these commands. If you
uncomment the line:

auth       required	/lib/security/pam_stack.so service=system-auth

from 

/etc/pam.d/halt

It "fixes" the problem.

I don't really care to argue that this is or is not a bug.  It is like so many
things in RedHat's distro..."on by default".  You guys did so well with that
problem in 7.2, but you need to fix the loose ends like this.  I'm not
suggesting you remove the consolehelper system, I am just suggesting you reverse
this behavior by default.

As an example of why this is silly, we are now forced to "fix" this on all 7.2
machines at our organization...something on the order of 200 machines.  Nobody
wants to lose work because of an interface change like this.
Comment 6 Nalin Dahyabhai 2002-01-18 16:53:06 EST
A user logged in at the console can always reboot the system by pressing
Ctrl+Alt+Del, or hitting the power switch.  Allowing the user to reboot the
system in an orderly way is preferable.  Allowing a user to use removable media
devices or video display devices) is also preferable when the user has physical
access to the diskette drive and video hardware.

*** This bug has been marked as a duplicate of 17882 ***

Note You need to log in before you can comment on or make changes to this bug.