[Dxspider-support] Stored user login scripts
Thomas.Maisl at gmx.de
Thomas.Maisl at gmx.de
Tue Aug 12 11:07:09 BST 2003
> On Mon, 2003-08-11 at 12:45, Thomas.Maisl at gmx.de wrote:
>
> > >
> > We are running DX-Spider on a linux system (Debian woody) and allow HAMs
> to
> > login to the system using axspawn (or telnet etc.). From within the
> shell
> > they are now able to create their own script in /spider/scripts (after
> changing
> > permissions of /spider/scripts).
> >
> Can I just say that although I understand the sentiment here, I suggest
> that this is a REALLY bad thing to do! The security implications are
> huge!
If connected to the internet - you are right.
But I don't see a big risk for our system as we only have RF-Ports and no
internet connection..
We installed the system mainly as a open box to play and learn from..
DX-Spider is only one of our services..
If someone really likes to hack the box - we do have backup (and may lose
some spots and user accounts one day due to HD failure or hacker). Maybe the
hacker is a coming soon co-sysop of the system ;)
73 de Thomas
--
COMPUTERBILD 15/03: Premium-e-mail-Dienste im Test
--------------------------------------------------
1. GMX TopMail - Platz 1 und Testsieger!
2. GMX ProMail - Platz 2 und Preis-Qualitätssieger!
3. Arcor - 4. web.de - 5. T-Online - 6. freenet.de - 7. daybyday - 8. e-Post
More information about the Dxspider-support
mailing list