Re: How to trap !sh at keyboard

Unless you have some modified version of shutdown, only root should be able
to run it anyway. So, for a user to type !sh and get the box to shut down,
they'd have to be logged in as root or knowingly type "sudo !sh" if they
have sudo, in which case, they shouldn't have sudo or the root password.

However, if shutdown is for some reason executable by anyone, you could just
chmod go-x it and make sure it's owned by root (it should be), making it
executable only by root. At that point, any non-root or non-sudo user typing
!sh will just get "permission denied" when they try to run it.

You could also remove /sbin from everyone's PATH by taking it out of
/etc/profile.

Good luck!

Chet

On Fri, May 23, 2008 at 7:27 PM, Paul Dwerryhouse <paul@xxxxxxxxxxxxxxxxxx>
wrote:

> On Fri, May 23, 2008 at 01:53:20PM -0400, Billy Davis wrote:
> > It seems that some of our users are inclined to key in '!sh' at the
> > shell prompt, which promptly shuts down our Red Hat Enterprise 3 Server,
> > interrupting everyone else's work.  Is there a line that we can add to
> > the inittab file, that will trap this string, in the same fashion that
> > the 'ca::ctrlaltdel:/sbin/shutdown -t3 -r now' line traps
> > Ctrl-Alt-Delete inputs?
>
> Dodgy answer: move /sbin/shutdown to a location that isn't in the path,
> so that typing just 'shutdown' from a command line without the full path
> to it will result in 'command not found'.
>
> Better answer: take root access away from users who aren't sensible
> enough to know how to use it properly. If they *have* to have root
> access for some reason (and I really can't think of any reason why they
> should have it), force them to use sudo with a restricted range of
> commands that they need.
>
> Cheers,
>
> Paul
>
> --
> Paul Dwerryhouse                                | PGP Key ID: 0x6B91B584
> ========================================================================
>
> http://linoleum.leapster.org/ - Linux Programming Resources
>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>



-- 
/*
Chet Nichols III
mail: chet.nichols@xxxxxxxxx
(aim: chet / twitter: chet)
*/
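
A check for the state described in the reply above (shutdown owned by root and not executable by group or other), as an added example that is not part of the original thread. `audit_exec` is a hypothetical helper name, the demo runs on a constructed scratch file rather than /sbin/shutdown, and GNU `stat` is assumed.

```shell
#!/bin/sh
# Added example: audit a binary's owner and group/other execute bits.
# audit_exec is a hypothetical helper; requires GNU stat (coreutils).
# Usage: audit_exec PATH [EXPECTED_UID]   (EXPECTED_UID defaults to 0 = root)
# Returns 0 if compliant, 1 if a finding was reported, 2 if PATH is missing.

audit_exec() {
    path=$1
    want_uid=${2:-0}
    status=0

    if [ ! -e "$path" ]; then
        echo "MISSING  $path"
        return 2
    fi

    # %a = octal permission bits, %u = numeric owner UID
    set -- $(stat -c '%a %u' "$path")
    mode=$1
    uid=$2

    if [ "$uid" -ne "$want_uid" ]; then
        echo "OWNER    $path is owned by uid $uid, expected $want_uid"
        status=1
    fi

    # Octal mask 011 selects the group and other execute bits,
    # i.e. the bits that "chmod go-x" clears.
    if [ $(( 0$mode & 011 )) -ne 0 ]; then
        echo "EXEC     $path (mode $mode) is executable by group/other"
        status=1
    fi

    [ "$status" -eq 0 ] && echo "OK       $path (mode $mode, uid $uid)"
    return "$status"
}

# Constructed demo: a scratch file stands in for /sbin/shutdown, and the
# current user stands in for root so the demo runs without privileges.
demo=$(mktemp)
chmod 755 "$demo"
audit_exec "$demo" "$(id -u)" || true    # reported: group/other can execute
chmod go-x "$demo"
audit_exec "$demo" "$(id -u)" || true    # compliant: mode 744
rm -f "$demo"
```

On a real system the call would be `audit_exec /sbin/shutdown`, run for each binary that only root should be able to execute.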