slock
Possible privilege escalation vulnerability in the Automatic Shutdown feature
The feature is an excellent idea, and I absolutely love it, but the second I saw the NOPASSWD option I instantly thought about how I could exploit something like that. Anything user writeable and root executable is a super easy way to do local privilege escalation, hell, I've done it before. Honestly that is the only thing stopping me from putting this on my daily driver laptop right now...
[username] [hostname] =NOPASSWD: /usr/bin/systemctl poweroff
[username] [hostname] =NOPASSWD: /usr/bin/shutdown -h now
@D1sturbing
Hi, I believe on most systems we can run such a command without root privileges and without editing a sudoers file
/usr/bin/systemctl poweroff -i
I have this binding in my i3 config on Arch and it works fine without any configuration from my side. This line was copy-pasted from somewhere, I think the -i flag means something like "ignore locks, force shutdown"
Just tested this, it does indeed work. I think I'll fill out a pull request now
Just so happened that I distrohopped... now I need to find a way to do that with the runit init system...
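The concern raised at the top of this thread (a NOPASSWD rule pointing at something a non-root user can modify) can be checked before the rule is added. The following is an added example, not code from slock or from anyone in this thread: it pulls the binary out of simple one-line NOPASSWD rules like the two quoted above and reports any non-root write access on that binary or its parent directories. The function names are made up for this example, and aliases, includes and escaped commas in sudoers are not handled.

```python
import os
import stat

# The two rules quoted in this thread; [username]/[hostname] are the page's own placeholders.
SAMPLE_RULES = [
    "[username] [hostname] =NOPASSWD: /usr/bin/systemctl poweroff",
    "[username] [hostname] =NOPASSWD: /usr/bin/shutdown -h now",
]

def parse_nopasswd(lines):
    """Return (user, binary) pairs for simple one-line NOPASSWD rules."""
    pairs = []
    for line in lines:
        line = line.strip()
        if line.startswith("#") or "NOPASSWD:" not in line:
            continue
        user = line.split()[0]
        for cmd in line.split("NOPASSWD:", 1)[1].split(","):
            if cmd.strip():
                pairs.append((user, cmd.split()[0]))  # first word is the binary
    return pairs

def audit_path(binary, trusted_uids=frozenset({0})):
    """Return (path, reason) findings for the binary and every ancestor directory."""
    findings = []
    path = os.path.realpath(binary)  # follow symlinks to what sudo would execute
    while True:
        try:
            st = os.stat(path)
        except OSError as exc:
            # A missing target matters too: whoever can create it decides what runs.
            findings.append((path, f"cannot stat: {exc.strerror}"))
        else:
            if st.st_uid not in trusted_uids:
                findings.append((path, f"owned by uid {st.st_uid}"))
            if st.st_mode & stat.S_IWOTH:
                findings.append((path, "world-writable"))
            if st.st_mode & stat.S_IWGRP and st.st_gid != 0:
                findings.append((path, f"writable by gid {st.st_gid}"))
        parent = os.path.dirname(path)
        if parent == path:  # reached the filesystem root
            break
        path = parent
    return findings

if __name__ == "__main__":
    for user, binary in parse_nopasswd(SAMPLE_RULES):
        issues = audit_path(binary)
        print(user, binary, "OK" if not issues else issues)
```

An empty findings list means every component from the binary up to `/` is root-owned and not group- or world-writable.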