Bug 6838 - Default config allows anyone to halt/reboot the machine
Summary: Default config allows anyone to halt/reboot the machine
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: gdm
Version: 6.1
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Michael Fulbright
QA Contact:
URL:
Whiteboard:
: 6839 (view as bug list)
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 1999-11-08 23:19 UTC by Chris Siebenmann
Modified: 2008-05-01 15:37 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 1999-11-15 20:02:20 UTC
Embargoed:

Attachments (Terms of Use)

Description Chris Siebenmann 1999-11-08 23:19:01 UTC 
The default gdm configuration allows anyone in front of
the console to reboot or halt the machine without having
to surrender any sort of password. This is especially
peculiar as, once you log in, you will have to give a
password to do this.

 I believe that the default should be to require the
root password before allowing halt/shutdown.
Comment 1 Preston Brown 1999-11-15 20:02:59 UTC 
we believe that a user having console access already has more than enough
opportunity to halt or reboot the machine physically.  In the case of a
"cluster" type situation where a network of workstations is installed in a
public area, this can easily be changed via a modified configuration.  However,
the defaults are appropriate in the majority of cases.
Comment 2 Preston Brown 1999-11-15 20:04:59 UTC 
*** Bug 6839 has been marked as a duplicate of this bug. ***
Note You need to log in before you can comment on or make changes to this bug.