On 22/03/15 12:30, Peter Humphrey wrote:
On Saturday 21 March 2015 16:20:17 Jc García wrote:
Interesting. But as I said ealier, I can reboot the system when I am a
user by Ctrl+Alt+Delete. The user can reboot the system, but can't shut
down? Strange
It's not strange, `man 2 reboot`. It's a defined behavior.
I'm with German here. Being designed that way doesn't stop it being strange.
Consider: I'm an ordinary user sitting at a terminal. I'm not allowed to
halt the machine, but I am allowed to reboot it into perhaps some quite
other configuration. Or I can keep rebooting it over and again, effectively
preventing the machine from doing its job. How does that make sense?
The thinking is that you can unplug the machine, or press the hardware
reset or power button, or flip the PSU switch...
Preventing a ctrl+alt+del reboot does not add anything to security.
Security doesn't really apply to users with physical access to the machine.
However, this is just a default. You can easily disable reboot on
ctrl+alt+del by editing /etc/inittab and commenting-out this line:
ca:12345:ctrlaltdel:/sbin/shutdown -r now
Note though, that is someone wants to reboot, and ctrl+alt+del doesn't
work, pressing the reset button is far worse, since there's no clean
shutdown performed (unmounting filesystems after flushing caches, etc.)
Because of that, the default of allowing ctrl+alt+del for local users
makes more sense than disabling it.
