Re: /sbin/shutdown and /sbin/init

Crystal_1 · ‎06-20-2002

Hi,

I just found that the permissions for the two files are -r-xr-xr-x.

Does it mean all people can shutdwon the system?

CRYSTAL

T G Manikandan · ‎06-20-2002

hello,
If you make an entry in the /etc/shutdown.allow file then the user can shutdown the system.

Now if you shutdown as normal user it will give a message

"Must be root to shutdown"

only super user root can shutdown

Thanks

Tim D Fulford · ‎06-20-2002

No

shutdown is controlled by shutdown.allow

I'm fairly sure init makes kernel calls which the average user is not allowed to do.

Tim

-

Pete Randall · ‎06-20-2002

Only if they are list in /etc/shutdown.allow

Pete

Pete

Stefan Farrelly · ‎06-20-2002

No. Shutdown does extra checking to ensure only a superuser can run it. Try it as a non root user and you will see.

The permissions on /sbin/shutdown should actually be 04555. You can verify this by doing;

swlist -a mode -l file|grep "/sbin/shutdown"

And it returns 04555 (at least on my 11.0 box it does).

/sbin/init should indeed be permission 0555.

Im from Palmerston North, New Zealand, but somehow ended up in London...

PIYUSH D. PATEL · ‎06-20-2002

Hi,

See the owner and group of these files. Owner will be root and group will be sys. Hence all the users cannot execute.

If you make an entry in /etc/shutdown.allow then the users can shutdown the machine.

Piyush

Crystal_1 · ‎06-20-2002

Hey guys,

This setting is by default. I have checked several boxes, they are the same settings.

CRYSTAL

Crystal_1 · ‎06-20-2002

/sbin/shutdown has extra checking. How about init and reboot?

I did check /usr/sbin/swlist -a mode -l file | grep "/sbin/shutdown" and it is 04555.

Does a regular user can run reboot or init?

PIYUSH D. PATEL · ‎06-20-2002

Hi,

A regular user cannot execute init or reboot.

It will give an error - "Must be a Super-User"

Give an ls -al /sbin/init and see the owner and group for this file.

The owner of these files is root and the group is sys. So only the user root or any other users in the group sys can execute these commands.

Piyush

PIYUSH D. PATEL · ‎06-20-2002

Hi Crystal,

Even reboot will tell you " Permission denied" when executed by any other user except root.

If all the users will have the previledge to use the shutdown/init/reboot commands then we system admins may have a "TOUGH TIME" !!!

Piyush

Steven Sim Kok Leong · ‎08-07-2002

Hi,

If an abnormal channel of access to /sbin/shutdown is exploited, with the setuid bit set, the shutdown binary is exposed to potential buffer overflows even though none has been discovered yet (as far as I can recall i.e. I have not done a thorough search for buffer overflow vulnerabilities on the shutdown binary). Thus, the security principle of least privileges tells us that such risks should be mitigated where possible, which is dependent on whether the configuration without setuid bits set is supported by HP.

Hope this helps. Regards.

Steven Sim Kok Leong

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: /sbin/shutdown and /sbin/init

/sbin/shutdown and /sbin/init