I run a couple of game servers and as a reward to some people I give them a small user account with ftp and shell access.
Now, I have this user who installed an IRC bouncer. I didnt check it out, and trusted he could be trusted, but when I later tried he managed to:
_ Ruin the vhost for his account
_ Block ftp access
_ Block shell access
I asked him what he did, and he said that he changed the rights on his root to be able to write to it.
I got grumpy and told him I had to remove his account and remake it, because I couldnt figure out what was wrong.
When I did I discovered a .oidentd.conf in his root.
When I moved this I could access his account again.
Well, I removed the user, and remade it.
I configured vhost and got that working.
And ftp and shell access was back again.
I restored his irc bouncer and gave him back a new pw.
Ok, slept over the night.
First thing I tested was his account.
Vhost was still working.
Also his irc bouncer.
What could be causing this?
Not shure if this person is pretending to be a friend or not, but it feels fishy.
p.s. I tried changing the password in confixx, but the access is still blocked.
If you can help me out I would really appreciate it.
Thanks for your time