what's the worst a regular user can do?
I want someone to do some research on my server. So I give them permission via useradd, and then remove them later on. I never gave them super user pemissions or allowed them into any other group. Presuming they were malicious,
1. what damage could they have done to my system (worst case scenarios)?
2. What information could they have gained?
become root or use your machine to hack others
use some arbit flaw in the system and become root... then there is no saying what he can do.
the other thing he sure can do is hack other machines from ur machine, which will have ur arse on fire.
dont configure ur machine properly, dont implement quota, dont put a firewall, dont do logging .. ur machine is the safe place for the creative mind