16.09.2012 19:13, rihowa...@gmail.com kirjutas:
On Sep 9, 2012, at 3:10 AM, Julien wrote:
Le Sun, 09 Sep 2012 12:55:17 +0300,
Sander Lepik <sander.le...@eesti.ee> a écrit :
08.09.2012 19:49, Colin Guthrie kirjutas:
Hi,
So there exists two users (provided by default from the setup pkg)
called "halt" and "shutdown". These users just run the halt and shutdown
commands as their shell. This means su'ing or sudo'ing or setting a
password and logging in as them, will shut the machine down.
This seems like a relic from many years ago and there is no need to
include such users in this day and age. Should we kill them off?
Col
+1 on removing them. I didn't even know about them :)
--
Sander
The same for me, didn't know they existed.
Julien
- 1
Removing them is a really bad idea. It violates fundamental security
principles.
There is a reason processes are run with their user permissions.
Hmm, i'm not sure you know what you are talking about. Can you show me where in the code are
we doing that?
--
Sander
