Re: Embarrassing security bug in systemd
- Date: Wed, 6 Dec 2017 21:27:43 -0500
- From: Roberto C. Sánchez <roberto@xxxxxxxxxx>
- Subject: Re: Embarrassing security bug in systemd
On Wed, Dec 06, 2017 at 10:48:11PM +0000, Brian wrote:
> On Wed 06 Dec 2017 at 22:52:17 +0100, Urs Thuermann wrote:
> > Yesterday, my 10 years old son logged into my laptop running Debian
> > jessie using his account, and curiously asked if he is allowed to try
> > the /sbin/reboot command. Knowing I have a Linux system as opposed to
> > some crappy Win machine, I replied "sure, go ahead and try". Seconds
> > later I was completely shocked when the machine actually rebooted...
> > Of course, my son doesn't have any special privileges, no entry in
> > /etc/sudoers, etc. But then I see
> He is privileged because he has physical access to the machine.
Not necessarily. It is falacious to assume that someone logging in via
display manager or TTY has physical access.
Roberto C. Sánchez