Re: [Full-disclosure] New RFID Mailing List Owner 0day
- To: "full-disclosure@xxxxxxxxxxxx" <full-disclosure@xxxxxxxxxxxx>
- Subject: Re: [Full-disclosure] New RFID Mailing List Owner 0day
- From: "Jeffrey Denton" <dentonj@xxxxxxxxx>
- Date: Sat, 29 Sep 2007 20:01:39 +0200
Your script assumes a few things that are not part of a default
Slackware install.
> # This script was created for use on Slackware!
> exit 5
What is the purpose of the exit status code of 5? Yes, any non-zero
number indicates an error. Common exit codes are 0 (succeeded), 1 (or
any non-zero number, failure), 126 (command found but not executable),
127 (command not found), and 128+N (fatal error where N is the SIGNAL
that caused the exit). An exit status of 5 works, just curious as to
its purpose.
> chown root.staff ping
"staff" is not a default group in Slackware. Your script assumes that
it has already been created.
> chmod 500 ttysnoop
"ttysnoop" is not installed by Slackware.
> chmod 600 inetd.conf
It would also be a good idea to remove the execute permissions from
/etc/rc.d/rc.inetd and any other service in /etc/rc.d that isn't
needed. Restricting the read permissions of the contents of that
directory is also a good idea.
> cp /root/slack/syslog.conf /etc
The file "/root/slack/syslog.conf" does not exist by default in Slackware.
> # Tighten up the log file perms now
> cd /var/log
> chmod 600 syslog log.auth log.cron log.daemon log.kern log.mail
> log.mark log.syslog
> chmod 600 log.user messages ftp.log secure.log
> chown root.wheel syslog log.auth log.cron log.daemon log.kern
> log.mail log.mark log.syslog
> chown root.wheel log.user messages ftp.log secure.log
Most of these files do not exist by default. I'll assume that they
are the product of your custom syslog.conf.
> echo "MAKE SURE YOU ADD USERS THAT YOU WANT TO BE ABLE TO SU TO
> ROOT"
> echo "TO THE ROOT AND WHEEL GROUPS OR THEY WON'T BE ABLE TO!!!!!!."
There is nothing in a default Slackware install that will restrict the
use of the "su" command. Slackware does not use PAM. The
"/etc/suauth" file does not exist by default.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
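
The assumptions listed in the reply above (a "staff" group, the extra log files, a prepared syslog.conf, an suauth file) can be checked by the hardening script itself before each step. The following is an added example, not part of the original message or of the script under review; the function names are hypothetical and the demo runs on constructed files in a scratch directory.

```shell
# Added example; function names are hypothetical. Paths default to real
# system files but can be overridden, so the demo uses constructed files.

# Return 0 if group $1 has an entry in the group file ($2, default /etc/group).
group_exists() {
    grep -q "^$1:" "${2:-/etc/group}" 2>/dev/null
}

# chmod MODE on each named file that exists and report the ones that do not.
# Returns 0 only if every file was present and changed.
chmod_existing() {
    mode=$1; shift
    rc=0
    for f in "$@"; do
        if [ -e "$f" ]; then
            chmod "$mode" "$f" || rc=1
        else
            echo "skip: $f does not exist" >&2
            rc=1
        fi
    done
    return "$rc"
}

# Install a replacement config only if the source is readable; back up the old one.
install_config() {
    [ -r "$1" ] || { echo "skip: $1 not found" >&2; return 1; }
    [ ! -e "$2" ] || cp -p "$2" "$2.orig" || return 1
    cp "$1" "$2"
}

# Return 0 if an suauth file ($1, default /etc/suauth) exists and is non-empty.
suauth_present() {
    [ -s "${1:-/etc/suauth}" ]
}

# Demo on constructed files in a scratch directory, not the real /etc or /var/log.
demo() {
    d=$(mktemp -d) || return 1
    printf 'root:x:0:root\nwheel:x:10:root\n' > "$d/group"
    : > "$d/messages"
    group_exists staff "$d/group" || echo "group 'staff' missing: create it first"
    chmod_existing 600 "$d/messages" "$d/log.auth" || echo "some log files absent"
    install_config "$d/syslog.conf" "$d/etc-syslog.conf" || echo "config not installed"
    suauth_present "$d/suauth" || echo "no suauth file: su is not restricted by it"
    rm -rf "$d"
}
demo
```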