Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 11 Jan 2007 16:33:15 -0800
From:      James Long <list@museum.rain.com>
To:        Nathan Vidican <nathan@vidican.com>, questions@freebsd.org
Cc:        keramida@ceid.upatras.gr, chandler@chapman.edu, maanjee@gmail.com
Subject:   Re: How dangerous a Standard User could be to a FreeBSD box?
Message-ID:  <20070112003315.GA37679@ns.umpquanet.com>
In-Reply-To: <45A6412C.308@vidican.com>
References:  <20070111052604.BAC5D16A575@hub.freebsd.org> <20070111062058.GA44045@ns.umpquanet.com> <45A6412C.308@vidican.com>

next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Jan 11, 2007 at 08:52:44AM -0500, Nathan Vidican wrote:

> > > > > How dangerous a Standard User could be to a FreeBSD box?

> > > > Depending on local setup, this could range from 'not at all' to
> > > > 'extremely'.  Do you have a *specific* setup in mind?

> > > Standard user with the root password, a bag of explosives, a .45 magnum, 
> > > and a chip on his shoulder, say?
> > Yeah, and even a user with no account or password, a screwdriver, and
> > a Mountain Dew.

> Gotcha all beat, screw the 'standard user' issue... I had a client call 
> me once cause the office cat peed onto/into the server; no technical 
> expertise required whatsoever, no password, no re-wiring of network, 
> heck no opposable digits even or anything else for that matter, yet it 
> still managed to kill the server ;)

Ah yes, the infamous cat(1) ppp(8) exploit.  Much harder to clean up
than cat(1) dump(8), too.

Fortunately, the worst problem I've had with mine is occassional 
race conditions with mouse(4).


Jim



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070112003315.GA37679>