Full Disclosure mailing list archives

Re: New RFID Mailing List Owner 0day


From: "Jeffrey Denton" <dentonj () gmail com>
Date: Sat, 29 Sep 2007 20:01:39 +0200

Your script assumes a few things that are not part of a default
Slackware install.

# This script was created for use on Slackware!

        exit 5

What is the purpose of the exit status code of 5?  Yes, any non-zero
number indicates an error.  Common exit codes are 0 (succeeded), 1 (or
any non-zero number, failure), 126 (command found but not executable),
127 (command not found), and 128+N (fatal error where N is the SIGNAL
that caused the exit).  An exit status of 5 works, just curious as to
its purpose.

chown root.staff ping

"staff" is not a default group in Slackware.  Your script assumes that
it has already been created.

chmod 500 ttysnoop

"ttysnoop" is not installed by Slackware.

chmod 600 inetd.conf

It would also be a good idea to remove the execute permissions from
/etc/rc.d/rc.inetd and any other service in /etc/rc.d that isn't
needed.  Restricting the read permissions of the contents of that
directory is also a good idea.

cp /root/slack/syslog.conf /etc

The file "/root/slack/syslog.conf" does not exist by default in Slackware.

# Tighten up the log file perms now
cd /var/log
chmod 600 syslog log.auth log.cron log.daemon log.kern log.mail log.mark log.syslog
chmod 600 log.user messages ftp.log secure.log
chown root.wheel syslog log.auth log.cron log.daemon log.kern log.mail log.mark log.syslog
chown root.wheel log.user messages ftp.log secure.log

Most of these files do not exist by default.  I'll assume that they
are the product of your custom syslog.conf.

echo "MAKE SURE YOU ADD USERS THAT YOU WANT TO BE ABLE TO SU TO ROOT"
echo "TO THE ROOT AND WHEEL GROUPS OR THEY WON'T BE ABLE TO!!!!!!."

There is nothing in a default Slackware install that will restrict the
use of the "su" command.  Slackware does not use PAM.  The
"/etc/suauth" file does not exist by default.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
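
The points raised in the message above (a group that was never created, files that are not installed, rc.d scripts left executable) can be caught with preflight checks before any chown or chmod runs. This is an added example, not part of the original post or of the script under review; the function names and the ROOT and GROUP_FILE variables are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: preflight checks for a Slackware hardening script.
# ROOT, GROUP_FILE and every function name here are hypothetical.
# ROOT is a path prefix so the checks can be tried on a scratch tree.
ROOT="${ROOT:-}"
GROUP_FILE="${GROUP_FILE:-$ROOT/etc/group}"
SKIPPED=0

# Succeeds only if the group is defined, e.g. "staff" before "chown root.staff".
group_exists() {
    grep -q "^$1:" "$GROUP_FILE"
}

# chmod MODE on each FILE that exists; count and report the ones that do not.
safe_chmod() {
    mode=$1; shift
    for f in "$@"; do
        if [ -e "$ROOT$f" ]; then
            chmod "$mode" "$ROOT$f"
        else
            echo "skip: $f not present" >&2
            SKIPPED=$((SKIPPED + 1))
        fi
    done
}

# Slackware's init scripts start /etc/rc.d/rc.* only when it is executable,
# so mode 600 both disables the service and restricts who can read it.
disable_rc() {
    for svc in "$@"; do
        safe_chmod 600 "/etc/rc.d/rc.$svc"
    done
}

# Ties the checks together; returns 0 only if nothing was missing.
harden() {
    SKIPPED=0
    group_exists staff || {
        echo "group 'staff' missing: create it before chown root.staff" >&2
        SKIPPED=$((SKIPPED + 1))
    }
    safe_chmod 600 /etc/inetd.conf
    disable_rc inetd
    [ "$SKIPPED" -eq 0 ]
}
```

Nothing is changed until harden is called; pointing ROOT at a copy of /etc shows what would be skipped without touching the live system.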

