Find the answer to your Linux question:
Results 1 to 9 of 9
is this safe? obviously the account would have no privileges whatsoever and there would certainly be no sudo group. the only privileges would be to run the specified applications. if ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Dec 2009
    Posts
    53

    No Password - Limited User


    is this safe? obviously the account would have no privileges whatsoever and there would certainly be no sudo group. the only privileges would be to run the specified applications.

    if not, please explain why.


    Thanks.

  2. #2
    Just Joined!
    Join Date
    Dec 2009
    Posts
    53
    bump, it's a simple question really. :P

  3. #3
    Trusted Penguin Irithori's Avatar
    Join Date
    May 2009
    Location
    Munich
    Posts
    3,391
    No Password - Limited User
    This is not enough description.
    Please expand that a little bit, I lost my magic glass ball

    Other than that, if you can already judge, that the question is easy to answer, then why do you have to ask in the first place?
    You must always face the curtain with a bow.

  4. #4
    Just Joined! awjans's Avatar
    Join Date
    Dec 2006
    Posts
    1

    Thumbs up Just take sensible precautions

    And you will be fine. I would suggest looking into using chroot to limit their access, just like we do for service users.

  5. #5
    Linux Enthusiast Mudgen's Avatar
    Join Date
    Feb 2007
    Location
    Virginia
    Posts
    664
    awjans gives good advice. chroot'ed, the risk is probably rather low. A large proportion, probably most, Linux root exploits require a local user account as a foothold for elevating privileges. So, a non-chrooted passwordless user opens up the foothold to try from. Network security can mitigate a lot.

  6. #6
    Linux Engineer Kloschüssel's Avatar
    Join Date
    Oct 2005
    Location
    Italy
    Posts
    773
    Setting up a chroot environment is a big *** full of work and I always try to avoid that if not really needed.

    You may only allow the user to login through the login screen. When sshd is disabled for the user, he must stay physically in front of your terminal to login. All other scenarios where a user can login remotely without providing a password is plain stupid from the concept.

    As you don't provide any more information, I can just suppose you may should take a look at "ACL" (acl dot bestbits dot at).

  7. #7
    Linux Enthusiast Mudgen's Avatar
    Join Date
    Feb 2007
    Location
    Virginia
    Posts
    664
    Quote Originally Posted by Kloschüssel View Post
    Setting up a chroot environment is a big *** full of work and I always try to avoid that if not really needed.
    Indeed, it would be a pointless exercise if not really needed. You have to either have a very good cookbook/roadmap or understand some rather intricate idiosyncrasies, but it's not really a lot of work to set up a chroot jail.

  8. #8
    Just Joined!
    Join Date
    Dec 2009
    Posts
    53
    ok thanks, i was considering a chroot inside a virtual machine with automatic snapshot restore through a shell script. its just a small home server to run a vpn access server and a p2p client.

    although the virtual machine and the host will be running only the bare essential networking services and a tight iptable policy, i would like to run a sshd for the host only.

    obviously the limited user account would have no password but the root account would have a 30 character pass.

    what kind of privilege escalations attack can be used on a passwordless limited user account? im probably totally missing something major here.

    the objective is really to just have a server that will boot and run with no user input.

  9. #9
    Linux Engineer Kloschüssel's Avatar
    Join Date
    Oct 2005
    Location
    Italy
    Posts
    773
    this is completeleny non-sense. you need a server that just runs without input (thus no users access it) and want to have a passwordless user?

    for what exactly do you need the anonymous user?

    I ask because I'm rather confident that you are just mistaking at some point of your masterplan, such that you think you would need something that you really don't want to have.

    a user that can access the machine is a open door. the user can execute most common software and potentially get owned of your system. listing the possibilities is hard, just think that there could be a buffer-overflow bug in some software. the user CAN once he got access to a system execute malicious code without any restrictions. the only thing that keeps him out is the login screen. if you open it ... well ... i think your immagination will help you for the rest.

    my point is: i really don't know why I should ever let someone anonymous into my computer. I have no reason to do that. a computer can have a unlimited amount of users (with the assumption you have unlimited hardware resources) that can login. with dsa/rsa signatures you can even authenticate without ever providing any password. on my systems I prevent the login of someone "bad" at all costs. that's why I installed for example fail2ban, which monitors the logfiles of sshd and bans IP addresses for a certain amount of time that try to login and fail more than N times. This little cool thingy can even detect DDOS login attacks, which can in fact lever your security by probing a big quantity of passwords in quite short periods.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •