Date: Thu, 11 Jan 2007 16:33:15 -0800 From: James Long <list@museum.rain.com> To: Nathan Vidican <nathan@vidican.com>, questions@freebsd.org Cc: keramida@ceid.upatras.gr, chandler@chapman.edu, maanjee@gmail.com Subject: Re: How dangerous a Standard User could be to a FreeBSD box? Message-ID: <20070112003315.GA37679@ns.umpquanet.com> In-Reply-To: <45A6412C.308@vidican.com> References: <20070111052604.BAC5D16A575@hub.freebsd.org> <20070111062058.GA44045@ns.umpquanet.com> <45A6412C.308@vidican.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Jan 11, 2007 at 08:52:44AM -0500, Nathan Vidican wrote: > > > > > How dangerous a Standard User could be to a FreeBSD box? > > > > Depending on local setup, this could range from 'not at all' to > > > > 'extremely'. Do you have a *specific* setup in mind? > > > Standard user with the root password, a bag of explosives, a .45 magnum, > > > and a chip on his shoulder, say? > > Yeah, and even a user with no account or password, a screwdriver, and > > a Mountain Dew. > Gotcha all beat, screw the 'standard user' issue... I had a client call > me once cause the office cat peed onto/into the server; no technical > expertise required whatsoever, no password, no re-wiring of network, > heck no opposable digits even or anything else for that matter, yet it > still managed to kill the server ;) Ah yes, the infamous cat(1) ppp(8) exploit. Much harder to clean up than cat(1) dump(8), too. Fortunately, the worst problem I've had with mine is occassional race conditions with mouse(4). Jim
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070112003315.GA37679>