The default zero-length halt, poweroff, shutdown, and
reboot files in /etc/security/console.apps allow any
console user to halt, power off, shut down, or reboot
the machine if they have logged into it. I believe that
this is an undesirable default, and that two things should
First, I think that userhelper should default to assuming
that a zero-length file means either that nothing should
be allowed or that 'USER=root' should be the assumed
contents, instead of the current undocumented assumption
Second, I think that these four files should all have the
contents 'USER=root' added, to make the policy explicit.
We disagree, and believe that these are reasonable defaults. Someone who has
console access already has the ability to do much worse than this in most
cases. In the case of a server machine or a "cluster" type situation, the
defaults can be easily modified.