Just type this, it's cool...


Social Engineering:
The art of getting someone else to do something that you would like them to do.

Example 1


AT&T, this is Shirley.

Hi Shirley, how ya doing? This is Bill Jacobs. Things kind of busy today? I've been running around like crazy... One of the linemen is sick.. Hey listen, I'm sitting on a pole right now and need the number on this pair.

Sure, the number is 555-5555.

Ok great, thanks a lot Shirley!


What just went wrong here?

Bill has just received the remote dialup number for xyz corporation. He will now find a remote "can" and set up a diverter on it. This will allow "Bill" to dial the diverter from some location and then get his call to jump to the dialup number he just found. You see, Bill isn't a lineman, and he doesn't work for AT&T. But that doesn't matter, as long as "Shirley" thinks he does.


Example 2

"Bort has noticed that Billy the sysadmin likes to log in as root when doing work. He has also found out that Billy has "." as an early entry in his path."

Ring.. Ring..

CCSO Administration, Billy Bones, how may I help you?

Hey Bill, this is Bort Martin. I just tried doing an ls in my directory and it doesn't seem to work. I can't figure what's going on. It keeps giving me permission denied.

"Billy sighs to himself wishing people would stop bothering him with mundane problems."
Ok, hang on let me look.
"Billy logs in as root, changes into Bort's directory and types ls -l to look at file permissions. The directory whizzes by and everything looks fine."
I can't seem to see any problem here... why don't you try again.

Ok, thanks!


What just went wrong here?

Billy the sysadmin has fallen prey to several blunders.

First:
Having a "." entry in your path means that the shell will look for binaries in your current working directory. Having "." first in your path means it will check the current working directory right away.
Bort has placed a binary called ls in his directory. When Billy typed ls -l, he ran it. This version of ls created a root shell, then rm'd itself, and finally ran the real ls.
Second:
Bort assumed that this was just some luser who didn't have a clue.

Always consider your actions prior to taking them!
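
A defensive check for the first blunder, as an added example that is not part of the original text: a POSIX shell function that audits a PATH string for ".", empty and relative entries (all of which resolve against the current working directory) and for world-writable directories. The function name audit_path, its output format and the sample PATH are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit a PATH string for entries that resolve against the
# current working directory or that any local user can write to.
# Prints "position:reason:entry" per finding; returns 1 if anything was found.
audit_path() {
    ap_rest="$1:"          # trailing ':' keeps a final empty entry visible
    ap_pos=0
    ap_bad=0
    while [ -n "$ap_rest" ]; do
        ap_entry=${ap_rest%%:*}
        ap_rest=${ap_rest#*:}
        ap_pos=$((ap_pos + 1))
        ap_reason=
        case $ap_entry in
            '') ap_reason=empty-means-cwd ;;     # "::" or a leading/trailing ":"
            .)  ap_reason=dot-means-cwd ;;
            /*) # absolute: flag it only if "other" has write permission
                ap_perms=$(ls -ldL "$ap_entry" 2>/dev/null) || ap_perms=
                case $ap_perms in
                    d???????w*) ap_reason=world-writable ;;
                esac ;;
            *)  ap_reason=relative-to-cwd ;;     # e.g. "bin" or "../tools"
        esac
        if [ -n "$ap_reason" ]; then
            printf '%s:%s:%s\n' "$ap_pos" "$ap_reason" "$ap_entry"
            ap_bad=1
        fi
    done
    return "$ap_bad"
}

# Constructed sample resembling Billy's PATH, with "." ahead of the system dirs.
audit_path "/nonexistent-example/bin:.:/usr/bin::tools" || true
```

Run it against root's real environment with audit_path "$PATH"; the position in each finding shows how early in the search order the unsafe entry is consulted.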
