Tuesday, March 23, 2004

Comments

I found this recently randomly rooting through the file system at UGCS. Users who log in when over their quota are presented with a limited shell, which is actually a short script (/ug/adm/scripts/quota-shell) that I will selectively quote here. First, the user is faced with a menu to choose from:

echo " You are in excess of your quota by $exceed KB. Your choices are: 1) Endure a mandated delay of \c" [ $hours != 0 ] && echo "$hours hours and \c" echo "$mins minutes, then log in as normal. 2) Start a restricted shell which allows you to clean up your directory. 3) Send an email message to the UGCS system administrators. 4) Log out and come back some other time to deal with your problem. 5) Play UGCS Quota Roulette. (Select the option for more information.) You currently have `mailcheck` Not that you can read your mail or anything.... What is your choice (number 1 - 5)? \c" read choice || exit

Hmm, the "UGCS Quota Roulette" sounds intriguing...

5) echo " Okay, the deal, should you be stupid enough to accept it, is a nine in ten chance that you will be given your normal login with no delay, and a one in ten chance that your home directory will be completely deleted. Do you agree to these conditions? \c" read agree case "$agree" in y*) word=`fortune dict` echo " Are you absolutely, positively certain? Remember, you are agreeing to a TEN-PERCENT CHANCE that your ENTIRE HOME DIR will be COMPLETELY ERASED. The system administrators will not be liable for this, nor will they restore your data from backup. You can still back out, just press control-C right now. Otherwise, please type \"$word\" (with no quotes) to prove your stupidity: \c" read confirm if [ "$confirm" != "$word" ]; then echo " You didn't enter the correct word -- either you can't type, or you were struck by a fit of sanity. Try one of the other options available to you." else echo " Okay, here goes ... " echo "To: sysadmin From: $USER Subject: I am a stupid user! This is the quota script, notifying you that user \"$USER\" has chosen to play UGCS Quota Roulette. The outcome had not yet been computed when this mail was sent, but it should be obvious from the size of the user's home directory. Snickering, UGCS" | /usr/lib/sendmail sysadmin case `ksh -c 'let a=$RANDOM%6 ; echo $a'` in 3) find $HOME/. -user $USER -print0 | xargs -0 /bin/rm -rf > /dev/null 2>&1 & echo " oooooo oooo ooooo .o. \`888. .8' \`888' 888 \`888. .8' .ooooo. oooo oooo 888 .ooooo. .oooo.o .ooooo. 888 \`888.8' d88' \`88b \`888 \`888 888 d88' \`88b d88( \"8 d88' \`88b Y8P \`888' 888 888 888 888 888 888 888 \`\"Y88b. 888ooo888 \`8' 888 888 888 888 888 888 o 888 888 o. )88b 888 .o .o. o888o \`Y8bod8P' \`V88V\"V8P' o888ooooood8 \`Y8bod8P' 8\"\"888P' \`Y8bod 8P' Y8P Don't even bother trying to stop the script -- your home directory is being erased in the background, and only cutting the power cable could stop it now. On the bright side, the next time you log in you will probably be under quota, and you'll get a login shell right away." byebye ;; *) echo " Well, you got lucky this time."

As you can see, the Roulette is for real! Notice, however, that the advertised chance of an account purge is one in ten, and that the actual chances are 1 in 6. Those UGCS admins, they have a great sense of humor.

0 Comments:

Post a Comment

Post a Comment

« Home