Hi no problem, I'm aware of this limitation, the question is how is the "root" checking done ?
if it is based on a uid of 0 as with solaris/hpux then this will be fine for local users, however would this not cause a potential issue against ldap/nis based authentication in that the "admin" of 0 is not always going to be "machine" admin, rather the "domain model" admin ? Matt Kees Cook wrote: > Thanks for this bug report! As it turns out, having world-execute does > not give access to performing the shutdown, just to running the command: > > $ shutdown -r now > shutdown: Need to be root > > > ** Visibility changed to: Public > > ** This bug is no longer flagged as a security issue > > ** Changed in: sysvinit (Ubuntu) > Assignee: (unassigned) => Kees Cook (kees) > Status: New => Invalid > > -- /sbin/shutdown world execute permissions https://bugs.launchpad.net/bugs/244929 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
