Re: Compromise of the nobody account?



In article
<40444316-1278-4dd9-86f9-b3fb08642b29@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>,
mike3 <mike4ty4@xxxxxxxxx> wrote:

On Jan 29, 3:49 pm, mike3 <mike4...@xxxxxxxxx> wrote:
On Jan 28, 12:40 pm, ibupro...@xxxxxxxxxxxxxxxxxxxxxx (Moe Trin) wrote:
> On Sun, 27 Jan 2008, in the Usenet newsgroup comp.security.unix, in article

<snip>

Thanks for the good response. However, I still would like to know,
namely: what's the most damage a cracker could do running as
"nobody", and could they potentially screw with the system memory
using a program running as "nobody" to execute malicious code
somewhere else (like overwrite part of a program that has much
higher privilege (i.e. root) on it with some sort of malicious code
that does something like send "rm -rf /*" as root, grab /etc/shadow,
launch a root shell, etc.)? Is it safe to be lax in one's estimation of
the damage that could be caused running as "nobody", or could
quite a bit be done by a clever enough cracker?

Other possibilities I was thinking of would include a program that
for example tries to fill up the CPU or flood the network connections
with data (so if the system is a server, then doing this may hamper
use of the services it serves), or attempt to "zombify" the machine
and make it send packets like crazy to some site as part of a DDoS
attack.

If there are system bugs that allow such things, they could be exploited
from ANY user account. There's nothing special about the "nobody"
account in this regard.

As I said yesterday, there are only two types of accounts in Unix: root
and everyone else. Root has super powers, everyone else is restricted
in what they can do.

--
Barry Margolin, barmar@xxxxxxxxxxxx
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***
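
The root-versus-everyone-else model from the reply above, as an added example that is not part of the original thread: a classic Unix mode-bit check and an audit of which paths a given unprivileged uid can write. It assumes plain mode bits only (no ACLs, capabilities or LSMs); the file names and the uids 65534, 12345 and 23456 are constructed for the demonstration.

```python
import os
import stat
import tempfile

R, W = 4, 2  # read / write bits inside one rwx triplet

def dac_allows(mode, f_uid, f_gid, uid, gids, want):
    """Classic mode-bit check for read/write; ACLs, capabilities, LSMs ignored."""
    if uid == 0:
        return True                      # root: mode bits are not consulted
    if uid == f_uid:
        bits = (mode >> 6) & 7           # owner triplet
    elif f_gid in gids:
        bits = (mode >> 3) & 7           # group triplet
    else:
        bits = mode & 7                  # "other" triplet
    return bits & want == want

def writable_by(top, uid, gids):
    """Sorted relative paths under top that the credential (uid, gids) may write."""
    hits = []
    for dirpath, dirnames, filenames in os.walk(top):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):
                continue                 # a symlink's own mode bits are not checked
            if dac_allows(st.st_mode, st.st_uid, st.st_gid, uid, gids, W):
                hits.append(os.path.relpath(path, top))
    return sorted(hits)

def demo():
    """Constructed tree: one owner-only file, one world-writable file."""
    with tempfile.TemporaryDirectory() as top:
        for name, mode in (("private.conf", 0o600), ("shared.log", 0o666)):
            path = os.path.join(top, name)
            open(path, "w").close()
            os.chmod(path, mode)
        owner = os.lstat(top).st_uid
        # Two arbitrary unprivileged uids that do not own the files (constructed).
        a, b = [u for u in (65534, 12345, 23456) if u != owner][:2]
        return {"unpriv_a": writable_by(top, a, set()),
                "unpriv_b": writable_by(top, b, set()),
                "root": writable_by(top, 0, set())}

if __name__ == "__main__":
    for who, paths in demo().items():
        print(who, paths)
```

Both unprivileged uids get the same answer, and only uid 0 differs; running `writable_by` over a real tree with the uid of a service account lists what that account could modify.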