On Tuesday, 28 July 1998, at 12:21:55 (-0600), Theo de Raadt <deraadtat_private> wrote: > But those are > > REMOTE ATTACKS. True, but the point remains. Despite the fact that *BSD and Linux are more often used on single-user workstations than large servers, both OS's are gaining acceptance in the latter arena. As such, it is wise to be aware of methods for local users to Do Bad Things (tm). If a single user on a 500-user system can crash the machine by running a simple program, even without getting root, the sysadmin is likely to have 499 royally-annoyed users wanting answers, and he'd best have some to give if he likes his job. > Surely you can tell the difference between a remote attack and a local > attack. Of course. But local exploits are still exploits, except in the case of single-user-login systems, which I believe the free *NIXes moving away from. > Ob-BUGTRAQ-Posting: > > If you are logged into an NT box, you can type CTRL-ALT-DEL and take > the system down. Ok, so NT is a bad example. :-) Such a post WRT Linux would be equally stupid. However, we're talking about stuff *local users* can do, not just someone who has access to the console. Michael -- "I've been looking for a Savior in these dirty streets, Looking for a Savior beneath these dirty sheets." -- Tori Amos, "Crucify" ======================================================================= Michael Jennings http://www.tcserv.com/ <mejat_private> Senior Systems Engineer, Synectics, Inc. http://www.synectics.com/
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:09:03 PDT