[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] strange file
- Subject: Re: [cobalt-security] strange file
- From: "Chris Maxwell, WDSL Inc." <betateam@xxxxxxxxxxxx>
- Date: Tue, 24 Oct 2000 09:03:14 -0400
- Organization: WDSL Inc.
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Hello Theodore,
All this script does is allow the user to type
dir or
dir *.* etc.
but have the shell retype it to work with the "/bin/ls" command.
I do the same thing with Windows, but have a macro for "ls" that
converts it to "dir".
-chris
Monday, October 23, 2000, 2:27:13 AM, you wrote:
TJ> Hello All,
TJ> I have a user who has telnet/shell access to my machine. On a routine
TJ> tour of things I found this in his user directory, in a folder called
TJ> "bin" in his users directory. It was named "dir" and inside it was
TJ> this:
TJ> if [ $1 ]
TJ> then
TJ> if [ -d $1 -a ! -n "$2" ]
TJ> then
TJ> ( echo -e "*** $1 ***\n"; /bin/ls -aFlh $* ) | /usr/bin/less
TJ> -EimX
TJ> else
TJ> ( echo -e "*** `pwd` ***\n"; /bin/ls -adFlh $* ) | /usr/bin/less
TJ> -EimX
TJ> fi
TJ> else
TJ> ( echo -e "*** `pwd` ***\n"; /bin/ls -adFlh .* * ) |
TJ> /usr/bin/less -EimX
TJ> fi
TJ> Can anyone explain to me what this is for and what this guy is intending
TJ> with this? Does it represent a security concern?
TJ> Thanks much,
TJ> ~ Theo
TJ> _______________________________________________
TJ> cobalt-security mailing list
TJ> cobalt-security@xxxxxxxxxxxxxxx
TJ> http://list.cobalt.com/mailman/listinfo/cobalt-security
--
Best regards,
WDSL Chris Maxwell
cmaxwell@xxxxxxxxxxx
WDSL Inc.
www.wdslinc.com
100 Hamilton Street North
P.O. Box 650
Waterdown, Ontario, Canada
905-690-6367 x234
905-689-4794 Fax
877-626-6799 Toll Free
--------------------------
Monday, October 23, 2000, 2:27:13 AM, you wrote:
TJ> Hello All,
TJ> I have a user who has telnet/shell access to my machine. On a routine
TJ> tour of things I found this in his user directory, in a folder called
TJ> "bin" in his users directory. It was named "dir" and inside it was
TJ> this:
TJ> if [ $1 ]
TJ> then
TJ> if [ -d $1 -a ! -n "$2" ]
TJ> then
TJ> ( echo -e "*** $1 ***\n"; /bin/ls -aFlh $* ) | /usr/bin/less
TJ> -EimX
TJ> else
TJ> ( echo -e "*** `pwd` ***\n"; /bin/ls -adFlh $* ) | /usr/bin/less
TJ> -EimX
TJ> fi
TJ> else
TJ> ( echo -e "*** `pwd` ***\n"; /bin/ls -adFlh .* * ) |
TJ> /usr/bin/less -EimX
TJ> fi
TJ> Can anyone explain to me what this is for and what this guy is intending
TJ> with this? Does it represent a security concern?
TJ> Thanks much,
TJ> ~ Theo
TJ> _______________________________________________
TJ> cobalt-security mailing list
TJ> cobalt-security@xxxxxxxxxxxxxxx
TJ> http://list.cobalt.com/mailman/listinfo/cobalt-security