On October 21, 2016 11:23:01 AM PDT, Josef Wolf <jw@raven.inka.de> wrote:
On Wed, Oct 19, 2016 at 08:45:21AM -0700, John Andersen wrote:
On Tue, Oct 18, 2016 at 07:15:31PM +0200, Josef Wolf wrote:
I have DISPLAYMANAGER_SHUTDOWN="root" set in /etc/sysconfig/displaymanager
But this setting seems to be ignored. Non-privileged users can
still
shutdown by choosing "shutdown" from their KDE menu.
Why is this?
BTW: this is opensuse Leap 42.1
Have you tried shut down via ssh?
Myself (as a privileged user) CAN shut down form ssh. But that's not the point. Unprivileged users should NOT be able to shut down.
It's pointless to try to protect a machine from power off at the console.
Then it's pointless to have this configuration setting in the first place.
And it's pointless to have a "shutdown" icon in the GUI, IMHO.
The power switch is right there, as is the cord.
The user have only access to the display+Keyboard of the machine.
And, in fact, in this case the shutdown was done by ACCIDENT, because the user clicked the wrong icon ("herunterfahren" instead of "abmelden") in the KDE menu.
The point here is not to protect from malicious user but to protect from UNEXPERIENCED user.
I seem to remember that there used to be a kiosk mode. I don't know what happened to that. Sounds like it might protect from the inexperienced as well as the mildly malicious. The Linux Standard Base used to have a group called shutdown. I can't remember when I last saw that actually implemented. -- Sent from my Android phone with K-9 Mail. Please excuse my brevity. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org