On 04/01/16 04:05 PM, Stuart Longland wrote:
On 05/01/16 06:30, Gary Dale wrote:
Possibly but I note that systemctl is owned by root:root so that typical
users can't execute it anyway. They get execute rights from the links.
Errm, no they wouldn't. Not if they were symlinks. Hardlinks, maybe.
Systemctl seems to figure out what to do based on the link that calls it
and the current system policy.
It probably detects this from argv[0], which by convention is always the
name of the file executed. Since that file is the symbolic link, the
name of that symbolic link is what's passed as the first argument in argv.
Permissions, as it's usually the equivalent of a `stat` rather than a
`lstat` system call, will come from the actual binary, which is
world-executable. The only thing that stops a user from actually
shutting the machine down is the fact that sysctl does all sorts of
voodoo to figure out who you are first before giving the nod to init.
The link is to /bin/systemctl which is NOT world executable and is owned
by root:root. Therefore it should not be executable by anyone other than
root. Neither apparently is the symlink, so your are right on that
point. The original poster asked about using systemctl so I assumed he
was actually using it directly
Figuring my way through this, it must be that the various DMs that
provide the shutdown buttons work some magic to allow normal users to
shutdown computers. This of course means that any approach using
permissions on the actual program or links cannot work.
