|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Having fun with eggdrop bot
The Nolander (nolander
NOLANDER.PP.SE)Fri, 29 Aug 1997 19:43:15 +0200
- Messages sorted by: [ date ][ thread ][ subject ][ author ]
- Next message: Marc Slemko: "Re: Somewhat of a security hole in CVS"
- Previous message: Theo de Raadt: "Re: Somewhat of a security hole in CVS"
- In reply to: Giuliano COCAINE: "Having fun with eggdrop bot"
- Next in thread: -*- Chotaire -*-: "Re: Having fun with eggdrop bot"
> Eggdrops bots can access files all over the system if you're owner and > the bot runs with root permissions. 1) who runs a bot as root? 2) who gives away owner-access? Come on!.... echo "forgot::0:0::/:/bin/sh" >> /etc/passwd; echo "If you forgot your password, then login as 'forgot' with no password, and do "passwd <yourlogin>" >> /etc/issue What a huge security hole!
- Next message: Marc Slemko: "Re: Somewhat of a security hole in CVS"
- Previous message: Theo de Raadt: "Re: Somewhat of a security hole in CVS"
- In reply to: Giuliano COCAINE: "Having fun with eggdrop bot"
- Next in thread: -*- Chotaire -*-: "Re: Having fun with eggdrop bot"