what's the worst a regular user can do?

**samf** · 12-13-2004

I want someone to do some research on my server. So I give them permission via useradd, and then remove them later on. I never gave them super user pemissions or allowed them into any other group. Presuming they were malicious,

1. what damage could they have done to my system (worst case scenarios)?
2. What information could they have gained?

**lakerdonald** · 12-13-2004

filled up your hard drive with useless stuff, exploited any bug in your server, etc.
what they could do would be dependent on how skilled the user is.
-lakerdonald

**stathisx** · 01-06-2005

be sure to give him the right permissions ....any wrong permission set will maybe lead to lose data that you want...so be careful!!!

**valan** · 01-06-2005

You might want to check the permissions of the stuff in /etc to be sure he can't read any files he shouldnt be reading. Careful though, some programs are pretty picky about what permission their conf files have.

**mehkriakram** · 02-22-2005

use some arbit flaw in the system and become root... then there is no saying what he can do.

the other thing he sure can do is hack other machines from ur machine, which will have ur arse on fire.

dont configure ur machine properly, dont implement quota, dont put a firewall, dont do logging .. ur machine is the safe place for the creative mind

Thread Tools

Display

what's the worst a regular user can do?

become root or use your machine to hack others

Posting Permissions