On Tue, 31 Jul 2001, Jay DeKing wrote:
> To allow users other than root to shut down the computer safely:
>
> 1. Start up the userconf utility (you will need the root password)
> 2. Select "user accounts"
> 3. Select the user to whom you wish to grant the ability to shut down.
> 4. Under the "Privileges" tab, activate the "Granted" button next to the "May
> shutdown" option.
> 5. Accept the changes and exit userconf.
But this means that the user will be able to shutdown only through
linuxconf's interface.
Also, if the user is working in the console, there is the obvious way of
pressing ctrl-alt-del (maybe pressing ctrl-alt-f1 to get out of X first).
This is something _very_ simple if only trusted users are to have physical
acces to the system.
>
> Jay
>
> On Monday 30 July 2001 h:44, Ric Tibbetts wrote:
> > You need to do a set UID to root, so that it will always run as root, no
> > matter who launches. Then control execute permission with the group as
> > you're trying to do.
Generally you shouldn't make the binary itself SUID root, because you can
never know what parameters it can receive. Instead you should use programs
like sudo or super, which allow a much better control over what paramters
are allowed to pass to those commands, who may run those commands, etc.
--
Tzafrir Cohen
mailto:[EMAIL PROTECTED]
http://www.technion.ac.il/~tzafrir
