Public bug reported:

I run an Ubuntu server that people can VNC into. One of my users runs XFCE4 as their window manager and one day discovered that he could shut down the server by just clicking the "shutdown" button from the XFCE logout menu.

I was pretty surprised that worked because no regular users have permission to issue any shutdown commands either from the command line or using GDM. After some research, I confirmed that HAL is to blame. As far as I can tell, XFCE sends a command to HAL via D-Bus, and it then executes /usr/share/hal/scripts/hal-system-power-shutdown. Since hald-runner (which I'm assuming is responsible for executing HAL scripts) runs as root, it's able to issue shutdown commands without any problems.

This is a pretty big problem for me. I can't have just any user issuing shutdown commands on a shared server. It's also worrying that HAL will execute scripts on behalf of any user as root. Is there any way to restrict what kinds of things HAL will do for users or at least keep it from running scripts as root?

Thanks!

(Question initially asked at: http://ubuntuforums.org/showthread.php?t=252559)

** Affects: hal (Ubuntu)
Importance: Untriaged
Status: Unconfirmed

** Visibility changed to: Public

--
Shutdown permissions
https://launchpad.net/bugs/59397

--
desktop-bugs mailing list
desktop-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/desktop-bugs