Hiding Shutdown/reboot in logout dialog and possible security issue

Thu Jul 10 12:49:09 UTC 2014

On 07/10/2014 07:21 AM, Anders Bruun Olsen wrote:
> Hi,
>
> I am looking to build a new terminal server for remote desktops which
> will be accessed through NoMachine Enterprise. Lubuntu and LXDE looks
> like a nice fit, but I have run into a couple of issues.
>
> I have a default install of Lubuntu 14.04 64-bit. I have created a
> non-privileged user (no sudo rights). I have also installed NoMachine
> Enterprise Server. First thing I discovered was what I would almost
> call a security issue. When my non-privileged user is logged in
> remotely (with Nomachine Enterprise Client), choosing shutdown in the
> logout dialog actually does shut down the server. How can this user
> shut down the server, without root access? I found out, that if I
> ensure lightdm isn't running (nobody will login locally), my
> unprivileged user can't shut down the server, but will be asked for
> the password to a privileged user, so I guess this is an issue with
> lightdm. Is this really intended behavior?
>
> Next up, I would like to hide the shutdown and reboot buttons in the
> logout dialog. The only way I have been able to find by searching, is
> to actually change the source code for lxsession-logout and recompile.
> Is there really no other way to hide those buttons?
>
> -- 
> Anders Bruun Olsen
> It-ansvarlig
> Det Danske Sprog- og Litteraturselskab
> (Society for Danish Language and Literature)
>
>
Hi Anders!
The commands for shutting down, and rebooting are sudo commands. (sudo
shutdown -h now or sudo reboot)  However certain programs are granted
access to run these commands from root.  So it should be possible to not
allow those programs to shutdown without a password.  This also includes
the lxsession-logout.  Can the unprivaleged user run the logout dialog
and shutdown from there as well (this is the power button on the panel,
unless you have removed it).

Unfortunately I cannot remember right this moment what grants these
programs access to run those commands without need a user password.  But
this might give you something to search for.  There are some people on
this list who may be able to clarify what I am getting at, and may even
know how this is done specifically.

On the other hand, there are other login managers such as SLIM.  You may
need to configure it a bit to get it looking the way you want and have
the options you want, but that might be the easier choice, unless the
logout dialog can let the user shutdown the server as well...

-- 
Regards

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/lubuntu-users/attachments/20140710/cbf7562e/attachment.html>