How dangerous a Standard User could be to a FreeBSD box?

[Garrett Cooper]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

VeeJay wrote:
> Hi
> 
> How dangerous a Standard User could be to a FreeBSD box?

Depends on a number of different factors. For example:
1. What you're running.
2. The number of users who have access to the machine.
3. The data being held.
4. How up-to-date the computer is, in particular whether or not any of
the programs on the computer have vulnerability issues.
5. What point the computer may serve in a cluster of machines.
etc, etc.

So, assuming that no vulnerabilities exist or privilege escalation
doesn't occur; this can be solved by rebuilding the system when security
issues occur--subscribing to security at freebsd.org can solve that, along
with directions given in the handbook
<http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/cutting-edge.html>,
auditing your ports regularly with portaudit, and just updating your
ports semi-regularly.

Also, assuming that the user doesn't use up all available resources on
the machine ( limits(1) holds the answers for that question there along
with modifying /etc/login.conf ), they should only be able to affect
users in their associated groups (assuming group access to data is
allowed) or merely themselves.

Please be more specific with your questions as they are a bit too open
ended.
- -Garrett
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.1 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFpN9zEnKyINQw/HARAjMkAKCiOe2IPdtuDi47AqqHw6tPk7ayQACdHwPy
JBlZ20e86iJYsiTZ66Y1LnU=
=zG/3
-----END PGP SIGNATURE-----