From owner-freebsd-questions@FreeBSD.ORG  Fri Jan 12 00:57:59 2007
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: questions@freebsd.org
Delivered-To: freebsd-questions@FreeBSD.ORG
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 1445C16A40F
	for <questions@freebsd.org>; Fri, 12 Jan 2007 00:57:59 +0000 (UTC)
	(envelope-from list@museum.rain.com)
Received: from ns.umpquanet.com (ns.umpquanet.com [63.105.30.37])
	by mx1.freebsd.org (Postfix) with ESMTP id EB18513C468
	for <questions@freebsd.org>; Fri, 12 Jan 2007 00:57:58 +0000 (UTC)
	(envelope-from list@museum.rain.com)
Received: from ns.umpquanet.com (localhost [127.0.0.1])
	by ns.umpquanet.com (8.13.8/8.13.8) with ESMTP id l0C0XGsp038256;
	Thu, 11 Jan 2007 16:33:16 -0800 (PST)
	(envelope-from list@museum.rain.com)
Received: (from james@localhost)
	by ns.umpquanet.com (8.13.8/8.13.8/Submit) id l0C0XF0p038255;
	Thu, 11 Jan 2007 16:33:15 -0800 (PST)
	(envelope-from list@museum.rain.com)
Date: Thu, 11 Jan 2007 16:33:15 -0800
From: James Long <list@museum.rain.com>
To: Nathan Vidican <nathan@vidican.com>, questions@freebsd.org
Message-ID: <20070112003315.GA37679@ns.umpquanet.com>
References: <20070111052604.BAC5D16A575@hub.freebsd.org>
	<20070111062058.GA44045@ns.umpquanet.com>
	<45A6412C.308@vidican.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <45A6412C.308@vidican.com>
User-Agent: Mutt/1.5.13 (2006-08-11)
Cc: keramida@ceid.upatras.gr, chandler@chapman.edu, maanjee@gmail.com
Subject: Re: How dangerous a Standard User could be to a FreeBSD box?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 12 Jan 2007 00:57:59 -0000

On Thu, Jan 11, 2007 at 08:52:44AM -0500, Nathan Vidican wrote:

> > > > > How dangerous a Standard User could be to a FreeBSD box?

> > > > Depending on local setup, this could range from 'not at all' to
> > > > 'extremely'.  Do you have a *specific* setup in mind?

> > > Standard user with the root password, a bag of explosives, a .45 magnum, 
> > > and a chip on his shoulder, say?
> > Yeah, and even a user with no account or password, a screwdriver, and
> > a Mountain Dew.

> Gotcha all beat, screw the 'standard user' issue... I had a client call 
> me once cause the office cat peed onto/into the server; no technical 
> expertise required whatsoever, no password, no re-wiring of network, 
> heck no opposable digits even or anything else for that matter, yet it 
> still managed to kill the server ;)

Ah yes, the infamous cat(1) ppp(8) exploit.  Much harder to clean up
than cat(1) dump(8), too.

Fortunately, the worst problem I've had with mine is occassional 
race conditions with mouse(4).


Jim