* VeeJay <[EMAIL PROTECTED]> [2007-01-10 13:24:22 +0100]:
> How dangerous a Standard User could be to a FreeBSD box?
Like another poster mentioned, it depends on a variety of factors. Three
things I can suggest to help you minimize security risks from local
users:
- keep your machine and software packages updated
- have policies and procedures in place detailing an Acceptable Use
Policy (AUP) and the consequences of violating them; and use it
when you have to (a lot of places have a ton of elaborate and
well-written AUPs which are never enforced)
- keep your user "shell" machines completely separate from your
other servers (web, imap, et al.), separate boxes, separate subnet,
separate passwords, etc.;
this should be obvious, but a lot of people run a lot of critical
services on the same machines that they allow users access to and
then they are surprised when a fork bomb takes down their mail
infrastructure
hth,
Thomas
--
N.J. Thomas
[EMAIL PROTECTED]
Etiamsi occiderit me, in ipso sperabo
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
