Anything? How will it be prevented from being used to attack other machines
(other than attacks that require root on the attacking machine), or to relay
spam, or to act as a warez/mp3/whatever server (sure, quotas could be used,
but are they? And even if they are, does it have enough space for a few
And if that account is also used for mail reading, it could send your
mailbox to the attacker, delete or alter your mail, etc. It'd also have
access to a bunch of e-mail addresses that it could forward itself to.
> That should do no harm. What you mean to say is "if somebody is dumb enough
> to execute any program received by email under a user account that has
> permissions to modify files he cares about, consume too many process slots,
> consume excessive vm, or has other special capabilities".
And by default, even the nobody user can use virtually all the memory or
processes it wants. Even with only a few process slots, it could steal a
decent amount of CPU cycles (hmm... a distributed.net worm? :-).
> If a user can run code that can harm the system, then nobody who isn't
> trusted not to harm the system can be a user. That's not how we want Linux
> to be, is it?
If you define "harm the system" as perform any unauthorized
externally-visible (relative to the sandbox) action, then Linux is a *long*
way from achieving that.
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to email@example.com
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
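The point above that "even the nobody user can use virtually all the memory or processes it wants" by default is about missing rlimits. The following is an added example, not code from the thread: it reads the current RLIMIT_AS of the calling process, applies a 128 MiB cap with setrlimit(), and shows that an oversized anonymous mapping is then refused by the kernel (Linux/glibc assumed; the sizes are constructed for the demonstration).

```c
/* Added example: address-space cap via RLIMIT_AS on Linux (glibc). */
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <sys/mman.h>
#include <sys/resource.h>

/* Returns 1 if this process has no soft address-space limit, 0 if it has one,
 * -1 if the limit could not be read. */
int address_space_is_unlimited(void) {
    struct rlimit rl;
    if (getrlimit(RLIMIT_AS, &rl) != 0) return -1;
    return rl.rlim_cur == RLIM_INFINITY;
}

/* Cap the address space of this process (inherited by children) at 'bytes'.
 * If the hard limit is already lower, that lower value is used instead, so an
 * unprivileged caller never asks to raise the soft limit above the hard one.
 * Returns 0 on success, -1 on failure (errno set by setrlimit). */
int apply_address_space_limit(rlim_t bytes) {
    struct rlimit rl;
    if (getrlimit(RLIMIT_AS, &rl) != 0) return -1;
    if (rl.rlim_max != RLIM_INFINITY && rl.rlim_max < bytes) bytes = rl.rlim_max;
    rl.rlim_cur = bytes;
    return setrlimit(RLIMIT_AS, &rl);
}

/* Ask the kernel for 'bytes' of anonymous memory; returns 1 if the mapping
 * was granted (it is released immediately), 0 if it was refused (ENOMEM). */
int can_map(size_t bytes) {
    void *p = mmap(NULL, bytes, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) return 0;
    munmap(p, bytes);
    return 1;
}

int main(void) {
    const size_t big = 256UL * 1024 * 1024;   /* constructed: 256 MiB request */
    printf("RLIMIT_AS unlimited: %s\n",
           address_space_is_unlimited() == 1 ? "yes" : "no");
    printf("256 MiB mapping before cap: %s\n", can_map(big) ? "granted" : "refused");
    if (apply_address_space_limit(128UL * 1024 * 1024) != 0) {
        perror("setrlimit");
        return 1;
    }
    printf("256 MiB mapping under 128 MiB cap: %s\n", can_map(big) ? "granted" : "refused");
    return 0;
}
```

The same pattern applies to RLIMIT_NPROC for the "process slots" case, with the caveat that processes holding CAP_SYS_RESOURCE or CAP_SYS_ADMIN are not bound by that limit.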