I want to know are there any risk if I do not allow user to have any shell access. (actually, I do not know about Solaris much) Well, what I understand is if I do not assign any shell access to a user, then those user cannot access command line. So, they should not have any risk to concern about those user? Maybe I get it all wrong. I'm not sure. Please help T_T
There are many ways in which security can be compromised even if the user doesn't have direct shell access. Some ways include:
1) php/sql injections which in certain cases can trick a php file (f.e.) to disclose system information or execute a certain command. (This should be included in 2) )
2) user-space application vulnerability which can also be tricked in certain cases to behave differently than you expect. Let's create a very simple and
vulnerable C program:
Now, I could create another program (exploit) to overflow buf char array until a point in which strcpy()'s eip register is overflown with the start address of a certain
shellcode (machine instructions) of mine. PS: there are very ways in which this can be prevented, but there are other exploitation techniques.
3) kernel-space vulnerability in which we can go out virtual mode and access hardware directly (enter kernel space) or simply freeze your system. Same examples include
the famous integer overflows, NULL pointer dereferences, etc..
4) dummy administrators: https://www.unix.com/shell-programmin...directory.html
5) physical access with/without encryption (with encryption only if the machine is turned on -- cold boot attack)
So, if you're not careful there are many ways in which your system can be compromised, but don't let this allow any script kiddiot to trick you into think he has access to your machines (that's very unlikely).
