PDA

View Full Version : [all variants] Shutdown



ST3ALTHPSYCH0
November 13th, 2009, 04:25 PM
This actually works to my advantage, but it seems to be a security flaw overall. When you try to shutdown from a DE you are informed that administrator authorization is required when others are logged in. However, if you simply log out, you can choose shutdown from the log in screen and it doesn't matter who's logged in. Can anyone explain this?

undecim
November 13th, 2009, 04:58 PM
I'm guessing GDM is authorized to shut down the computer without the root password. This really isn't a security flaw, because anyone who has physical point-and-click access to GDM could just use the power button anyways, and its better to have the computer properly shut down.

ST3ALTHPSYCH0
November 14th, 2009, 05:00 AM
I'll accept that answer. In my case it's beneficial for my wife to be able to shutdown the system if I forget to log out anyway. The only reason I could see it being a security flaw would be the ability to reboot with a live CD, but, as you say, a hard reboot could accomplish the same end.

movieman
November 14th, 2009, 07:57 AM
I would guess that GDM runs as root, so it doesn't need privilege escalation to reboot.

Also, if someone is logged in, they may be doing something that they don't want to lose just because someone walked past and selected 'reboot' :).

QLee
November 14th, 2009, 12:48 PM
This actually works to my advantage, but it seems to be a security flaw overall. When you try to shutdown from a DE you are informed that administrator authorization is required when others are logged in. However, if you simply log out, you can choose shutdown from the log in screen and it doesn't matter who's logged in. Can anyone explain this?

Not a security flaw, GDM is configurable to allow or disallow regular users to shutdown the system from the login screen.

ST3ALTHPSYCH0
November 14th, 2009, 03:50 PM
Ah, I didn't realize that you could reconfigure to disallow that. Not a flaw, and definitely a convenience at this home!