Bourne Into Oblivion

Cleaning Up

From a high level, the Bourne script would essentially ssh into each target machine, do its thing, and then exit. As part of its “thing”, the designer of the framework wanted to make sure the script cleaned up after itself so subsequent runs of the framework would not re-process old data. To accomplish this, one of the enhancements after the initial release was to add two cryptic variables that redundantly contained the project name and the version being tested. Utilizing an unpatched flaw in sudo's setup to gain real root access, the script would then do the following as part of the clean up:

rm -rf $var1/$var2

Ordinarily, this worked just fine, but the co-op student was unaware these SPECIFIC variables needed to be set. With them being left blank, the following was the end result upon execution of the script:

rm -rf /

With the script running as root on a setup with NFS which, in turn, granted access to everything on the entire UNIX/Linux network and a few Windows Servers via SAMBA, the script had a chance to do a good bit of damage… and it did. Home directories, file repositories, customer data, test results, all seemingly evaporated into nothingness.

via Bourne Into Oblivion – The Daily WTF.
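
The cleanup step from the excerpt, rewritten so blank variables cannot collapse the path to `/`. This is an added example, not code from the quoted article or the framework it describes; `safe_cleanup` and its argument names are hypothetical.

```shell
#!/bin/sh
# Added example: a guarded stand-in for `rm -rf $var1/$var2`.
# safe_cleanup and its argument names are hypothetical.
#
# Minimum one-line guard: rm -rf -- "${var1:?}/${var2:?}"
# ${var:?} aborts on unset AND empty values; `set -u` alone only
# catches unset ones, so a variable left blank would still slip through.

# safe_cleanup ROOT PROJECT VERSION
# Removes ROOT/PROJECT/VERSION. Returns 1 (deleting nothing) on bad input.
safe_cleanup() {
    sc_root=${1-} sc_project=${2-} sc_version=${3-}

    # Empty components are what collapsed the original path to "/".
    if [ -z "$sc_root" ] || [ -z "$sc_project" ] || [ -z "$sc_version" ]; then
        echo "safe_cleanup: refusing, empty path component" >&2
        return 1
    fi

    # Each component must be a single directory name, never a path.
    for sc_part in "$sc_project" "$sc_version"; do
        case $sc_part in
            */*|.|..)
                echo "safe_cleanup: refusing, unsafe component '$sc_part'" >&2
                return 1 ;;
        esac
    done

    # Resolve ROOT to a physical path; it must exist and must not be "/".
    sc_root=$(cd "$sc_root" 2>/dev/null && pwd -P) || {
        echo "safe_cleanup: refusing, root is not a directory" >&2
        return 1
    }
    if [ "$sc_root" = "/" ]; then
        echo "safe_cleanup: refusing, root resolves to /" >&2
        return 1
    fi

    sc_target="$sc_root/$sc_project/$sc_version"
    [ -d "$sc_target" ] || return 0    # nothing from a previous run
    rm -rf -- "$sc_target"
}
```

Confining the delete to a dedicated work directory owned by an unprivileged account limits the damage further if a check is ever bypassed.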
