Ultimately Safe User Account

[Bart Silverstrim]

On Sep 23, 2004, at 8:56 PM, Andrew wrote:

> Dan Rue wrote:
>>
>> How's he supposed to learn anything if all you give him is a jail with
>> ls cp mv sh and vi?  sheesh.  That'll turn him off unix pretty quick.
>
>
> Thanks for your feedback. I guess I'll just let him in and try not to
> worry. Well, the trouble is that I am the one administering the box and
> that it was this summer when I started reading heaps of unix/bsd
> documentation - for the first time in my life. I'm still paranoid about
> my own actions, not to mention smb's else. I'll give him cygwin/livecd
> as well, though.
>

If you're somewhat new (even if you're not...) I'd even more strongly 
suggest investing in VMWare or some other VM software using disk images 
to work from...it's the ultimate free reign learning environment and 
virtual jail.

Even seasoned admins can get lazy or get hit by some new trick in the 
book that they didn't previously know about.  No one I worked with was 
really familiar with SSH beyond the command line access...and they were 
impressed with X forwarding.  Then I learned about port redirection 
using SSH, so any ssh-accessible machine on the Internet could 
potentially be used to see any other machines within the same subnet as 
the ssh server, allowing me access to some machines not visible with 
simple scans of a NATed network.  Took a few times explaining how it 
worked, and it's come in handy for remote administration at times and 
the people I explained the technique to were impressed at the potential 
for this to be helpful as a tool (and as a potential security 
breach...) The point is that there are more things in system 
administration and user's minds than dreamt of in any single admin's 
philosophy, Horatio :-)

-Bart