|a faustian collage, based on a photo by Aaron Escobar (CC BY 2.0)|
Not that I think anyone will care, or even notice this post, but today I found a root access vulnerability in OS X... (and so far you think, hey cool, that's relevant) ...10.4.11.
Click for relevant sound effect.
(Or here if you don't parse HTML5, and if you don't like data URI's, well, one day I will figure out how to construct the long bridge across the abyss that lies between us. Maybe.)(. Until then go to this page and hit play; hopefully my timing being absolutely awkward will only enhance the entertainment value.)
What follows is a reenactment of the scene in my virtual world.
Walking in a freshly built room in the Terminal, I wave hello to my UNIX, who waves back, cheery as always.
UNIX: "This is faust's UNIX representative. Can I help you, faust?"
Me: "Who am I?"
UNIX: "This is faust's UNIX representative. You are faust, of course."
Me: "Hey, I want you to do something for me, it will be fun. Actually its two things, and you have to do them at the same time. Make this official business, so you can pretend I have top-level clearances. Start a transcript as if I were the 'boss,' even though we both know you know I am not, and we both also know you will be recording this conversation to tell anyone who wants to know. Make the transcript a plain text file, call it 'transcript' -- and, at the same time, wink this whole room out of existence by destroying the spacetime in which it resides."
UNIX: "This is faust's UNIX representative. That requires authorization. What is your password?"
Me: "'Friend, and Enter.'"
UNIX: "This is faust's UNIX representative. OK. I started a transcript, it will be called 'transcript.txt.'"
Me: "Who am I?"
UNIX: "This is The Boss's UNIX representative. You are the Boss, of course."
Here's what this actually looked like in Terminal -- well, as actually as I am comfortable with:
It works with both the commands 'kill' (using the process identification number for 'login,' the process logging me into UNIX via terminal) and 'killall' (using the name of that process, which is 'login' ). It works if you use a chain of && commands, as long as killing login is the last. It may even work if killing login isn't the last. When the prompt comes back, you are still logged in -- as root.
What I want to know is: does this work on any other flavors of UNIX?
Please leave a comment if you try it and it does. I love comments. That's why I blog.
Be seeing you.