:: Re: [DNG] F1 and special usernames …
トップ ページ
このメッセージを削除
このメッセージに返信
著者: Adam Borowski
日付:  
To: dng
題目: Re: [DNG] F1 and special usernames on the login screen
On Wed, Jul 20, 2016 at 06:27:25PM -0700, Rick Moen wrote:
> Quoting Didier Kryn (kryn@???):
> > In any case, any person who has the possibility to push the
> > power button or cut the power cord should be given the opportunity
> > to click the halt button instead. ctrl-alt-f1+ctrl-alt-del can be
> > used to reboot, but there's nothing to halt.
>
> Halt is accomplished by first doing ctrl-alt-f1, ctrl-alt-del, then
> turning the system unit off before significantly into startup (assuming
> physical access to the system unit in addition to a physical console).
>
> Or, as you say, through a hardware button on the system unit, or yanking
> the mains (AC) cord.


Which means the defaults for display managers are bogus.

In the default configuration, anyone with physical access can ctrl-alt-del
or alt-sysrq. This can be disabled, so can be a brief push of the power
button (ACPI shutdown), but I have yet to see a BIOS that allows disabling
long push of the power button, or, for that matter, yanking the power cord
(or the battery of a mobile device).

Thus, unless someone took extraordinary steps to provide physical security,
anyone able to login locally can turn the machine off, period. An orderly
shutdown is better than an unclean one, thus any display manager that
forbids local users to shutdown is buggy.

--
An imaginary friend squared is a real enemy.