Allowing a local user to reboot a workstation


About local_reboot

This is a small C program designed to be installed on Sun workstations where unprivileged users should be allowed to reboot their own workstations.

Installing reboot suid is one method of achieving this, but it allows _anyone_ to reboot the workstation from any location, giving a potential for a Denial of Service (although a fairly well logged one). What this attempts to do is to perform some checks on the identity of the caller before initiating a reboot. To confirm that the caller is the local user, /dev/console is stat'd and the ownership checked. If the ID's match, a reboot is allowed, otherwise the program exits.


Security

I have written this as securely as I can; there is only one buffer which could be overrun and data only goes into this once, resulting in what I feel is a secure suid program. If you feel that it is not secure, let me know, or, better yet, give me a patch!


LICENCING/COPYING

This program is open source software and is released under the GPL. See the file COPYING for details.


Obtaining the package

The main distribution site is http://riddoch.org/unix/solaris/local_reboot.php

A tar.gz file is available via FTP from ftp://ftp.scms.rgu.ac.uk/pub/staff/jr/local_reboot-0.1.tar.gz (Link broken!)


Version history

Version date comment
0.1 15 June 1999 initial release

File last modified: Saturday, 06-Mar-2004 14:12:08 GMT