Asking a user for the root password and executing root only commands...

Paul Boddie paul at boddie.net
Thu Oct 31 09:44:27 EST 2002


bokr at oz.net (Bengt Richter) wrote in message news:<apqh92$pve$0 at 216.39.172.122>...
> 
> Kind of funny (not) that /sbin/shutdown must be run as root,
> but by default any doorknob rattler could kick it off with ctrl-alt-del
> without being asked for a password. Not a cool default config IMO ;-/

Red Hat Linux 6.1 was amusing in this respect. Selecting the logout
button in a desktop environment and choosing "shutdown" in the "are
you sure?" dialogue caused a password prompt to appear, presumably to
restrict that option to the desktop's current user; yet choosing
"logout" from the same dialogue resulted in the appearance of the
standard graphical login manager from which the "shutdown" menu option
had no such restrictions. It makes one wonder whether this security
feature was really thought through.

> Well, it's not really a windows thing. I mean it's not just a matter
> of yet another "magic" start-something-neat-and-glitzy-button.
> It ties into formal security requirements. There has to be a way
> for you to go up to the computer and know for sure (physical tampering
> should be evident by design) that you are logging into an authentic
> login program. Pulling the plug and plugging it back in is
> not a graceful way to do that ;-)

Yes. As once discussed in a distantly-remembered thread, I recall that
this was a prerequisite for that C2 certification thing that Windows
NT had.

Paul


