[darcs-users] Re: Access control
Antti-Juhani Kaijanaho
antti-juhani at kaijanaho.info
Sat Apr 30 18:18:22 UTC 2005
On 20050430T194857+0200, Thomas Zander wrote:
> Seriously; allowing shell access to a new user has 2 serious implications,
> and nothing else. 1) your system might have bad permissions setup which
> allows the user to see personal things (like other peoples homedirs).
> 2) they can use your cpu time ;)
There is a 3) if they are malicious, they get to try local exploits
instead of remote ones. Local security is potentially easier to crack
than external security.
And don't say only bad distros have local holes. All of them do; the
best only fix them faster.
--
Antti-Juhani Kaijanaho http://antti-juhani.kaijanaho.info/
Blogi - http://kaijanaho.info/antti-juhani/blog/
Toys - http://www.cc.jyu.fi/yhd/toys/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.osuosl.org/pipermail/darcs-users/attachments/20050430/f29bb380/attachment.pgp
More information about the darcs-users
mailing list