MOO-cows Mailing List Archive
Re: Fun with FUP and root.
On Tue, 25 Feb 1997, Neil Fraser wrote:
> We just had an interesting situation at SchoolNet MOO. The SchoolNet
> computer was rebooted, and our new root (despite previous warnings)
> restarted our MOO using his account. Since our MOO has FUP installed we
> were able to write a line to a file (which was created as a root-owned
> file), chmod it +x, then using our Unix accounts move it from the files
> directory to the bin directory. Presto, now the MOO can execute any
> command with root perms. We tried it, and it worked.
> It doesn't take a rocket scientist to figure out that MOOs with FUP and
> root perms are a dangerous mix, but not every root knows just how
> flexible a MOO can be (it isn't just a Dungeon game for the kiddies).
> Fortunately only wizards who have UNIX accounts can take advanage of
> this situation when it arises.
> Live Long and Prosper! \\//_
> Neil D. Fraser
> SchoolNet Support Group
> Mail: email@example.com Web: http://www.schoolnet.ca/~nfraser/
Subject Index |