johnathan at gnuthought.com
Fri Nov 21 15:27:21 UTC 2003
Felipe Alfaro Solana wrote:
>On Wed, 2003-11-19 at 22:57, Jorge L.Martin C. wrote:
>>--What I need--
>>I can suspend with apm -s as root, how can I suspend as user?
>chmod +s /usr/bin/apm
>Then, enable the apmd daemon
>chkconfig --level 345 apmd on
>service apmd start
>Now, you'll be able to "apm -s" as a normal user.
I don't know if this is really a great idea. SUID on /usr/bin/apm will
allow anyone to cause the machine to go into suspend mode. So a
security breach in any service (a careless CGI script for example) would
let an attacker put the machine into suspend mode, a pretty successful
DOS. Given, on a laptop it's probably not a big deal, but it still just
kinda feels wrong IMHO.
What I've been using on my laptop, a Toshiba Satellite 2400, is to add
%users ALL=(root) NOPASSWD: /usr/bin/apm -s
to my /etc/sudoers file so I can use "sudo apm -s" and it works only for
users that belong to the group "users". I also found it helpful to add
a button in KDE to call this so I don't even have to open a terminal.
More information about the fedora-list