- 03-11-2010 #1
- Join Date
- Dec 2009
No Password - Limited User
is this safe? obviously the account would have no privileges whatsoever and there would certainly be no sudo group. the only privileges would be to run the specified applications.
if not, please explain why.
- 03-11-2010 #2
- Join Date
- Dec 2009
bump, it's a simple question really. :P
- 03-11-2010 #3
Please expand that a little bit, I lost my magic glass ball
Other than that, if you can already judge that the question is easy to answer, then why do you have to ask in the first place?
You must always face the curtain with a bow.
- 03-12-2010 #4
Just take sensible precautions
And you will be fine. I would suggest looking into using chroot to limit their access, just like we do for service users.
- 03-12-2010 #5
awjans gives good advice. chroot'ed, the risk is probably rather low. A large proportion, probably most, Linux root exploits require a local user account as a foothold for elevating privileges. So, a non-chrooted passwordless user opens up the foothold to try from. Network security can mitigate a lot.
- 03-12-2010 #6
Setting up a chroot environment is a big *** full of work and I always try to avoid that if not really needed.
You may only allow the user to login through the login screen. When sshd is disabled for the user, he must stay physically in front of your terminal to login. All other scenarios where a user can login remotely without providing a password is plain stupid from the concept.
As you don't provide any more information, I can only suppose you should maybe take a look at "ACL" (acl dot bestbits dot at).
- 03-12-2010 #7
- 03-12-2010 #8
- Join Date
- Dec 2009
ok thanks, I was considering a chroot inside a virtual machine with automatic snapshot restore through a shell script. it's just a small home server to run a vpn access server and a p2p client.
although the virtual machine and the host will be running only the bare essential networking services and a tight iptable policy, i would like to run a sshd for the host only.
obviously the limited user account would have no password but the root account would have a 30 character pass.
what kind of privilege escalation attacks can be used on a passwordless limited user account? I'm probably totally missing something major here.
the objective is really to just have a server that will boot and run with no user input.
- 03-15-2010 #9
this is complete nonsense. you need a server that just runs without input (thus no users access it) and want to have a passwordless user?
for what exactly do you need the anonymous user?
I ask because I'm rather confident that you are just mistaking at some point of your masterplan, such that you think you would need something that you really don't want to have.
a user that can access the machine is an open door. the user can execute most common software and potentially get owned of your system. listing the possibilities is hard, just think that there could be a buffer-overflow bug in some software. the user CAN once he got access to a system execute malicious code without any restrictions. the only thing that keeps him out is the login screen. if you open it ... well ... i think your imagination will help you for the rest.
my point is: i really don't know why I should ever let someone anonymous into my computer. I have no reason to do that. a computer can have an unlimited amount of users (with the assumption you have unlimited hardware resources) that can login. with dsa/rsa signatures you can even authenticate without ever providing any password. on my systems I prevent the login of someone "bad" at all costs. that's why I installed for example fail2ban, which monitors the logfiles of sshd and bans IP addresses for a certain amount of time that try to login and fail more than N times. This little cool thingy can even detect DDOS login attacks, which can in fact lever your security by probing a big quantity of passwords in quite short periods.
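The thread's concern, a passwordless account that must stay console-only while sshd runs, can be checked with a short audit. This is an added example, not part of any poster's message: the account names `kiosk` and `vpn` and both sample files are constructed, and the script reads only global `PermitEmptyPasswords` and literal `DenyUsers` names (no `Match` blocks, no wildcard patterns).

```shell
#!/usr/bin/env bash
# List accounts whose shadow(5) password field (2nd field) is empty.
empty_password_users() {
    awk -F: '$2 == "" { print $1 }' "$1"
}

# Print the value of an sshd_config keyword; sshd uses the first occurrence.
sshd_setting() {
    awk -v key="$2" 'tolower($1) == tolower(key) { $1 = ""; sub(/^ +/, ""); print; exit }' "$1"
}

# For each empty-password account print "user:exposed" if sshd would accept
# an empty password for it, otherwise "user:blocked".
audit() {
    shadow=$1; conf=$2
    permit=$(sshd_setting "$conf" PermitEmptyPasswords)   # OpenSSH default is "no"
    denied=$(awk 'tolower($1) == "denyusers" { for (i = 2; i <= NF; i++) print $i }' "$conf")
    for u in $(empty_password_users "$shadow"); do
        if [ "${permit:-no}" = "yes" ] && ! printf '%s\n' "$denied" | grep -qxF "$u"; then
            echo "$u:exposed"
        else
            echo "$u:blocked"
        fi
    done
}

# --- constructed sample data (not taken from any real system) ---
SAMPLES=$(mktemp -d)
cat > "$SAMPLES/shadow" <<'EOF'
root:$6$CONSTRUCTED$notarealhash:14679:0:99999:7:::
daemon:*:14679:0:99999:7:::
kiosk::14679:0:99999:7:::
vpn::14679:0:99999:7:::
EOF
cat > "$SAMPLES/sshd_weak" <<'EOF'
PermitEmptyPasswords yes
DenyUsers vpn
EOF
cat > "$SAMPLES/sshd_hardened" <<'EOF'
#PermitEmptyPasswords yes
PermitEmptyPasswords no
DenyUsers kiosk vpn
EOF

echo "weak config:";     audit "$SAMPLES/shadow" "$SAMPLES/sshd_weak"
echo "hardened config:"; audit "$SAMPLES/shadow" "$SAMPLES/sshd_hardened"
```

On a live host, `sshd -T` prints the effective configuration including defaults, which is a better input than the raw config file.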