Shutdown permissions
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
hal (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
xfce4-session (Ubuntu) |
Invalid
|
High
|
Unassigned |
Bug Description
I run an Ubuntu server that people can VNC into. One of my users runs XFCE4 as their window manager and one day discovered that he could shutdown the server by just clicking the "shutdown" button from the XFCE logout menu.
I was pretty surprised that worked because no regular users have permission to issue any shutdown commands either from the command line or using GDM. After some research, I confirmed that HAL is to blame. As far as I can tell, XFCE sends a command to HAL via D-Bus, and it then executes /usr/share/
This is a pretty big problem for me. I can't have just any user issuing shutdown commands on a shared server. It's also worrying that HAL will execute scripts on behalf of any user as root. Is there any way to restrict what kinds of things HAL will do for users or at least keep it from running scripts as root?
Thanks!
(Question initially asked at: http://
Changed in hal: | |
status: | New → Incomplete |
Changed in hal: | |
status: | Incomplete → Invalid |
I think that it's related to Bug #47834. You need to use the kiosk mode to not let users shut down the server. IIRC it doesn't work fine in dapper, but is fixed in Edgy. Could you test?