Date: Sun, 25 Jun 2000 12:09:13 -0400 (EDT) From: Chris <kingsqueak@kingsqueak.org> To: phrack_ p h r a c k <phrack_@hotmail.com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: BitchX Dangerous? Message-ID: <Pine.BSF.4.21.0006251204240.41803-100000@kingsqueak.org> In-Reply-To: <20000625043023.1354.qmail@hotmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Well, with BitchX, if you enter /exec rm -rf it ...will. That's not just a BitchX thing, it is possible with all ircII clients iirc. Also, pretty sure the default compile options enable the screen functionality. C-z will suspend BitchX and most likely give the user a shell prompt. It is far from a locked down login ;-). Another less severe but potentially aggravating situation is if you are using a static ip... some kiddie abuses the login you gave him and now your ip is Akilled by the irc nets he was on. On Sun, 25 Jun 2000, phrack_ p h r a c k wrote: > I was recently informed that there was a way for a user to type a > command(s) in BitchX and get a command line, i have a user acct on my box > that > defaults to BitchX when this user ssh's in, if i only want that user to use > bitchX > but am afraid that user knows far more than i and dont want to take the > chance of something like that happening does anyone know where i could read > up more on this and how to prevent it > > > ________________________________________________________________________ > Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-newbies" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0006251204240.41803-100000>