Date: Sat, 7 Apr 2001 17:30:03 -0700 (PDT) From: Dima Dorfman <dima@unixfreak.org> To: freebsd-bugs@FreeBSD.org Subject: Re: kern/26416: ctrl+alt+del --- normal user can reboot machine Message-ID: <200104080030.f380U3N77890@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR kern/26416; it has been noted by GNATS. From: Dima Dorfman <dima@unixfreak.org> To: davidx@viasoft.com.cn Cc: freebsd-gnats-submit@FreeBSD.org Subject: Re: kern/26416: ctrl+alt+del --- normal user can reboot machine Date: Sat, 07 Apr 2001 17:23:58 -0700 davidx@viasoft.com.cn writes: > >Description: > a normal user can login console and press ctrl+alt+del to reboot > machine, there is no way to disable this action even it is what > root want. a root user can load a tweaked keyboard map to disable > ctrl+alt+del, but a normal user can still load another keyboard map > to re-enable ctrl+alt+del. this is a security problem. A normal user can also plant an explosive device next to the computer and blow it up. They can also throw a grenade. Failing that, they can rip the computer off the rack (or table) and throw it out a window. If you don't have a window, they can throw it against a wall. Heck, they can just push the power button! What do you expect FreeBSD to do about that? In other words, I don't think this is a security hole. There are bigger problems when a user has console access. A reboot via the three-finger-salute is but a minor detail. Also, as someone has already pointed out, there is a kernel option to disable this. Since it's not something you would want to be turning on and off on a regular basis, there's no need for a sysctl. Regards, Dima Dorfman dima@unixfreak.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200104080030.f380U3N77890>