From owner-freebsd-questions@FreeBSD.ORG Fri Jan 12 08:42:45 2007 Return-Path: X-Original-To: freebsd-questions@FreeBSD.ORG Delivered-To: freebsd-questions@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 2DC7516A403 for ; Fri, 12 Jan 2007 08:42:45 +0000 (UTC) (envelope-from olli@lurza.secnetix.de) Received: from lurza.secnetix.de (lurza.secnetix.de [83.120.8.8]) by mx1.freebsd.org (Postfix) with ESMTP id AF77213C43E for ; Fri, 12 Jan 2007 08:42:44 +0000 (UTC) (envelope-from olli@lurza.secnetix.de) Received: from lurza.secnetix.de (yburah@localhost [127.0.0.1]) by lurza.secnetix.de (8.13.4/8.13.4) with ESMTP id l0C8gce5070927; Fri, 12 Jan 2007 09:42:43 +0100 (CET) (envelope-from oliver.fromme@secnetix.de) Received: (from olli@localhost) by lurza.secnetix.de (8.13.4/8.13.1/Submit) id l0C8gbka070926; Fri, 12 Jan 2007 09:42:37 +0100 (CET) (envelope-from olli) Date: Fri, 12 Jan 2007 09:42:37 +0100 (CET) Message-Id: <200701120842.l0C8gbka070926@lurza.secnetix.de> From: Oliver Fromme To: freebsd-questions@FreeBSD.ORG, list@museum.rain.com In-Reply-To: <20070112003315.GA37679@ns.umpquanet.com> X-Newsgroups: list.freebsd-questions User-Agent: tin/1.8.2-20060425 ("Shillay") (UNIX) (FreeBSD/4.11-STABLE (i386)) X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-2.1.2 (lurza.secnetix.de [127.0.0.1]); Fri, 12 Jan 2007 09:42:43 +0100 (CET) Cc: Subject: Re: How dangerous a Standard User could be to a FreeBSD box? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: freebsd-questions@FreeBSD.ORG, list@museum.rain.com List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Jan 2007 08:42:45 -0000 James Long wrote: > Nathan Vidican wrote: > > Gotcha all beat, screw the 'standard user' issue... I had a client call > > me once cause the office cat peed onto/into the server; no technical > > expertise required whatsoever, no password, no re-wiring of network, > > heck no opposable digits even or anything else for that matter, yet it > > still managed to kill the server ;) > > Ah yes, the infamous cat(1) ppp(8) exploit. Much harder to clean up > than cat(1) dump(8), too. > > Fortunately, the worst problem I've had with mine is occassional > race conditions with mouse(4). You mean like this one? http://www.secnetix.de/~olli/fun/cat_and_mouse.jpg (cat(1) performing a DoS attack on mouse(4).) Best regards Oliver -- Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing Dienstleistungen mit Schwerpunkt FreeBSD: http://www.secnetix.de/bsd Any opinions expressed in this message may be personal to the author and may not necessarily reflect the opinions of secnetix in any way. "C++ is over-complicated nonsense. And Bjorn Shoestrap's book a danger to public health. I tried reading it once, I was in recovery for months." -- Cliff Sarginson