[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: "3 fingers"



Giving the users the ability to reboot the machine is not a very good
idea.  While it can be very useful in times of emergency it can also allow
anyone who has access to the console without an account on the box to
reboot the system (yes, it is true that you can just pull the plug, but
why give them more options?).  Ctrl-Alt-Del is just a comfort that OpenBSD
can do without. 

With linux boxes they also have the nice option of rebooting the machine
from anywhere after the user pulls root access by exploiting a
vulnerability.

Regards,
A. C. Eufemio

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
 Claret Eufemio        
 Lead Engineer
 CPIO Networks
 claret@cpio.net
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

On Tue, 5 May 1998, Wim Vandeputte wrote:

> On Mon, 4 May 1998, Tobias Weingartner wrote:
> 
> > On Monday, May 4, Vadim Vygonets wrote:
> > > Why sudo reboot, when you can just add the user to group operator
> > > and let them run shutdown?
> > 
> > It will let them do lots of other things as well...
> 
> and not only from the console... Fun guys log in over the network too..
> 
> I guess the point is: if people have access to the console, they can pull 
> the plug and press reset anyways. So why not offer the 'gracefull reboot' 
> option? I trained people over here to do so with the linux boxes, in case 
> there is a power shutdown or they need to fuss around with the wiring. 
> But in no case I'm going to give them access (any sorts of login) to the 
> machines.
> 
> 
> *-=-*-=-*-=-*-=-*-=-*-=-*-=-*-=-*-=-*-=-*-=-*-=-*-=-*-=-*-=-*-=-*-=-*-=-*-=-*
> Wim Vandeputte                                       --Comfort is Treachery--
>                                               --So pound the nails in tight-- 
> 
>