/sbin/reboot

Rob Farmer rfarmer at predatorlabs.net
Fri Dec 10 07:11:01 UTC 2010


On Thu, Dec 9, 2010 at 22:46, Adam Vande More <amvandemore at gmail.com> wrote:
> shutdown also gives operator more possibilities than a clean shutdown, some
> of which could be very bad.
>

I haven't thought about the situation in any detail, but nothing jumps
out at me from the manpage. You could do a denial of service thing by
kicking people off or endlessly rebooting the system, but intervention
to stop that should be easy enough. With reboot, you could require
fsck of the filesystem, plus any fallout from databases not stopping
properly, etc.

Of course, this is all (or should be) academic, since people in
"limited" admin groups like operator should be presumed able to
escalate to root. I think operator is allowed to run dump, among other
things. A big Windows security flaw is adding people to "Power Users,"
as if that stops anything beyond clumsy mistakes.

-- 
Rob Farmer

