On Thu, September 21, 2017 12:42 pm, Joseph L. Casale wrote:
Than was my first reaction when I realized that logged in with GUI (X11) user can turn off (and on) network interfaces. Without being in sudoers file.
Would not being in sudoers prevent them from pulling the cord out? The rational for the control is well justified for users with multiple interfaces and is simply a convenience to something they could always do under any condition anyway.
Yes, I agree on that. However, psychologically pulling AC power cord (or executing shutdown command) is more grave action than pressing toggle "on/off" switch image for network interface, thus killing network connection. So, I both agree and disagree with you. Namely, as with power I agree that local user (especially armed with screwdriver) can do a lot. Yet, I disagree that centrally managed "UNIX - like" (allegedly) workstation can be easily subverted in variety of ways by local user, effectively obliterating what sysadmin configured with something specific in his mind.
My apologies, everybody. If I held myself from putting my rant when I asked for help, there wouldn't be any abstract discussion on topic none of us can affect...
Valeri
CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++