Console Access


Users logged in at the console have special privileges. Consequently, an administrator may wish to restrict access to console functions as a matter of security. This section describes the procedures used to restrict access to the console and to specific console functions.

When normal (non-root) users log in to a computer locally, they are given two types of special permissions:

  • They can run certain programs that they would not otherwise be able to run

  • They can access certain files (normally special device files used to access diskettes, CD-ROMs, and so on) that they would not otherwise be able to access

Since there are multiple consoles on a single computer and multiple users can be logged in to the computer locally at the same time, one of the users has to “win” the race to access the files. The first user to log in at the console owns those files. Once the first user logs out, the next user who logs in will own the files.

In contrast, every user who logs in at the console will be allowed to run programs that accomplish tasks normally restricted to the root user. If the X Window System is running, these actions can be included as menu items in a graphical user interface. As shipped, the console-accessible programs include halt, poweroff, and reboot.




Official Red Hat Linux Administrator's Guide
Official Red Hat Linux Administrators Guide
ISBN: 0764516957
EAN: 2147483647
Year: 2002
Pages: 278
Authors: Red Hat Inc

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net