Steve Bellovin wrote:

> Why is /sbin/shutdown setuid root on 1.6 and -current?  (I haven't checked
> any other versions.)  The code ensures that it's running as root, which 
> is reasonable -- but if it's setuid, it always will be.
> 
> (I agree that on single-user machines, it's a reasonable thing to do.  
> But the owner can do that on a per-machine basis.)

It's also only executable by group operator:

	-r-sr-xr--  1 root  operator  270144 Aug  4 01:14 /sbin/shutdown*

so operator folk can reboot the computer.

Simon.
--
Simon Burge                            <simonb@wasabisystems.com>
NetBSD Support and Service:         http://www.wasabisystems.com/