Date: Wed, 10 Jan 2007 04:43:31 -0800 From: Garrett Cooper <youshi10@u.washington.edu> To: freebsd-questions@freebsd.org Subject: Re: How dangerous a Standard User could be to a FreeBSD box? Message-ID: <45A4DF73.4000408@u.washington.edu> In-Reply-To: <2cd0a0da0701100424y1f15717es81a7536c1e1e5a9a@mail.gmail.com> References: <2cd0a0da0701100424y1f15717es81a7536c1e1e5a9a@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 VeeJay wrote: > Hi > > How dangerous a Standard User could be to a FreeBSD box? Depends on a number of different factors. For example: 1. What you're running. 2. The number of users who have access to the machine. 3. The data being held. 4. How up-to-date the computer is, in particular whether or not any of the programs on the computer have vulnerability issues. 5. What point the computer may serve in a cluster of machines. etc, etc. So, assuming that no vulnerabilities exist or privilege escalation doesn't occur; this can be solved by rebuilding the system when security issues occur--subscribing to security@freebsd.org can solve that, along with directions given in the handbook <http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/cutting-edge.html>, auditing your ports regularly with portaudit, and just updating your ports semi-regularly. Also, assuming that the user doesn't use up all available resources on the machine ( limits(1) holds the answers for that question there along with modifying /etc/login.conf ), they should only be able to affect users in their associated groups (assuming group access to data is allowed) or merely themselves. Please be more specific with your questions as they are a bit too open ended. - -Garrett -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.1 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFpN9zEnKyINQw/HARAjMkAKCiOe2IPdtuDi47AqqHw6tPk7ayQACdHwPy JBlZ20e86iJYsiTZ66Y1LnU= =zG/3 -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?45A4DF73.4000408>