Hi David, I work at Western university and we added a user shutdown. We told it when you log in to execute shutdown -h now and that is it. That might be the easiest way to do it. A little time consuming but other then that not the headaches that you could get if the system were to go down. If you need anymore info, email me. Paul
On Fri, 15 Aug 1997 [EMAIL PROTECTED] wrote: > I am running a Debian system right now as a web development staging server. > At > present, it is only on a local network, but could conceivably become a gateway > to the Internet as well. So for the time being, it is basically a two-user > system (me and my wife). > > I am teaching my wife to do web development, and would like her to be able to > use the Linux system. This includes having her be able to shut the system > down > when she's done using it (we can't afford to leave this old 486 system running > without a pretty heavy subsidy from the electric co!). My wife is not a real > experienced computer user in general, and she has NO UNIX experience > whatsoever. > Needless to say, I'm not really crazy about the idea of giving her root > access, > lest some simple mistake hose the system completely. > > What would be the best way to enable her to run the shutdown command, without > creating a giant security hole which might bite me in the @*% should this > machine ever become a gateway? My thoughts up to this point: > > 1) Creating a group consisting of my wife and myself, and doing a setuid and > chmod 710 on the shutdown command itself, and changing group ownership to the > group with me and her in it. > > 2) Creating a group consisting of my wife and myself, and writing a script > which executes the shutdown command, then setting the ownership for the script > to root, group ownership on the script to our group, and doing a setuid on > just > the script. > > It seems to me that the second option is the best as I don't have to monkey > around with the permissions on the command. Is the second any more of a > security concern than the first, or, as I assume, less? Say my wife's user > password is ridiculously easy to guess; do these give the same amount of > system > access to the person who cracks into her account? > > Does anyone know of a better way to do this? > > > -- > TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to > [EMAIL PROTECTED] . > Trouble? e-mail to [EMAIL PROTECTED] . > -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
