From owner-freebsd-questions@FreeBSD.ORG Fri Sep 24 00:55:45 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DAA5516A4CE for ; Fri, 24 Sep 2004 00:55:45 +0000 (GMT) Received: from mx1.mail.ru (mx1.mail.ru [194.67.23.121]) by mx1.FreeBSD.org (Postfix) with ESMTP id 99F6643D39 for ; Fri, 24 Sep 2004 00:55:45 +0000 (GMT) (envelope-from infofarmer@mail.ru) Received: from [83.237.13.12] (port=1692 helo=SATPC) by mx1.mail.ru with smtp id 1CAeNE-000P60-00; Fri, 24 Sep 2004 04:55:44 +0400 Message-ID: <001101c4a1d1$639ce540$460011ac@SATPC> From: "Andrew" To: "Dan Rue" References: <2D8BB15C7B5C214F81C32D3A83B32736013D45B3@idbexc01.americas.cpqcorp.net> <20040923223849.GK40647@therub.org> Date: Fri, 24 Sep 2004 04:56:56 +0400 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1437 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1441 X-Spam: Not detected cc: freebsd-questions@freebsd.org Subject: Re: Ultimately Safe User Account X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Sep 2004 00:55:46 -0000 Dan Rue wrote: > A live CD is a good suggestion. > > I have to disagree with the idea behind this whole thing, though. I > mean, if this guy's really your friend, I don't see what you're so > worried about. It's really pretty tough to 'accidently' break things as > a user on a system, as long as the system is moderately well > administered. > > If you're concerned about him using a bad password, give him a > sufficient warning and run john the ripper against your password file > for a couple of days. > > Also, don't allow any clear-text protocols such as samba, ftp, telnet, > etc etc. > > Dang, man, I had a friend that ran an /open/ shell server in high > school. He had over 100,000 users, and didn't get hacked (well, he did > at first, but that's when he was running linux :) ). > > How's he supposed to learn anything if all you give him is a jail with > ls cp mv sh and vi? sheesh. That'll turn him off unix pretty quick. Thanks for your feedback. I guess I'll just let him in and try not to worry. Well, the trouble is that I am the one administering the box and that it was this summer when I started reading heaps of unix/bsd documentation - for the first time in my life. I'm still paranoid about my own actions, not to mention smb's else. I'll give him cygwin/livecd as well, though. Thanks again! Regards, Andrew P.