Re: Fun with FUP and root.

• Date: Wed, 26 Feb 1997 01:32:07 PST
• From:
  Colin McCormick <cfm21@hermes.cam.ac.uk>
• Content-Type: TEXT/PLAIN; charset=US-ASCII
• In-Reply-To: <Pine.SOL.3.91.970225215255.749A-100000@schoolnet2>

On Tue, 25 Feb 1997, Neil Fraser wrote:

> 
> We just had an interesting situation at SchoolNet MOO.  The SchoolNet 
> computer was rebooted, and our new root (despite previous warnings) 
> restarted our MOO using his account.  Since our MOO has FUP installed we 
> were able to write a line to a file (which was created as a root-owned 
> file), chmod it +x, then using our Unix accounts move it from the files 
> directory to the bin directory.  Presto, now the MOO can execute any 
> command with root perms.  We tried it, and it worked.
> 
> It doesn't take a rocket scientist to figure out that MOOs with FUP and 
> root perms are a dangerous mix, but not every root knows just how 
> flexible a MOO can be (it isn't just a Dungeon game for the kiddies).  
> Fortunately only wizards who  have UNIX accounts can take advanage of 
> this situation when it arises.
> 
>                                        Live Long and Prosper!  \\//_
>                                        Neil D. Fraser
>                                        SchoolNet Support Group
> Mail: nfraser@schoolnet.ca  Web: http://www.schoolnet.ca/~nfraser/
> 
> 
> 

• Fun with FUP and root.
• From: Neil Fraser <nfraser@schoolnet2.schoolnet.ca>

• Prev: Fun with FUP and root.
• Next: Re: Fun with FUP and root.
• Index: MOO-cows
• Thread: MOO-cows