[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian GNU/Hurd on the net?

Johannes Rohr <j.rohr@comlink.apc.org> writes:

> "Alfred M. Szmidt" <ams@kemisten.nu> writes:
> 
> >    How do you access this `login' shell from remote?
> > 
> > See the login> prompt when you login? That is the login shell, it is
> > just a normal shell that is running as an anonymous user (see the
> > output of ids).
> > 
> >    Is there a known security issues?
> > 
> > None that I know of.
> 
> But even the anonymous user can to something like
> 
> cat /dev/zero > /tmp/foobar
> 
> I don't know, if this matches your definition of "security issues" but
> it's an effective way to make the box unusable.

I don't need the anonymous account to hose your system this way.

Do you log incoming network connections of any kind?  Then I can fill
up your log.

This is assuming that I'm not clever enough to just ping-flood.
Reply to: