0.9.0 user "GRID SERVICES" detected in db

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

0.9.0 user "GRID SERVICES" detected in db

Luisillo Contepomi
I found a new user in my database named "GRID SERVICES" I dont know
who when and why has been created?
I think was created in the new update to 0.9.0 released but may be I
have been hacked
Somebody know more about this user and his/her functions?
Thank you for your help and regards
Luisillo
_______________________________________________
Opensim-users mailing list
[hidden email]
http://opensimulator.org/cgi-bin/mailman/listinfo/opensim-users
Reply | Threaded
Open this post in threaded view
|

Re: 0.9.0 user "GRID SERVICES" detected in db

aiaustin
At 13:00 06/09/2017, Luisillo Contepomi wrote:
>I found a new user in my database named "GRID SERVICES" I dont know
>who when and why has been created?
>I think was created in the new update to 0.9.0 released but may be I
>have been hacked.
>Somebody know more about this user and his/her functions?


I asked about this too when it first appeared. @Ubitmarov added this
in 0.9.0 dev master. I will leave it to him to explain what it is
for, and the security issues.  It has an entry in the useraccounts
table, but as far as I can see it does not have a password in the
"auth" table or allow access via login or web interfaces such as WiFi.


_______________________________________________
Opensim-users mailing list
[hidden email]
http://opensimulator.org/cgi-bin/mailman/listinfo/opensim-users
Reply | Threaded
Open this post in threaded view
|

Re: 0.9.0 user "GRID SERVICES" detected in db

aiaustin
In reply to this post by Luisillo Contepomi
It might be useful if a line was added to the 0.9.0.0 release notes
to explain why this was added and its function, and a note to assure
people it does not allow access.

It does show in Diva's WioFi as a user.. I just tested.. and it says
the password is <on file> and allows the password and other details
to be set by a grid admin. So something is not quite right if its a
technical "user" that should not be other wise available or accessible.

_______________________________________________
Opensim-users mailing list
[hidden email]
http://opensimulator.org/cgi-bin/mailman/listinfo/opensim-users