-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, Nov 10, 2016 at 07:40:06AM -0600, Richard Owlett wrote: > On 11/10/2016 5:20 AM, to...@tuxteam.de wrote: > >-----BEGIN PGP SIGNED MESSAGE----- > >Hash: SHA1 > > > >On Thu, Nov 10, 2016 at 04:53:47AM -0600, Richard Owlett wrote: > >>On 11/9/2016 5:16 PM, Lisi Reisz wrote: > >>>On Sunday 06 November 2016 16:47:00 Richard Owlett wrote: > >>>>[snip] > >>>>Based on responses to previous posts titled "Trivial script will > >>>>NOT execute" and "Permissions for an entire PARTITION" I have > >>>>multiple problems understanding Linux file systems generally. > >>> > >>>I imagine you have seen this lot - especially the top three?? > >>>https://www.google.co.uk/search?q=basic+debian+file+system&oq=basic+debian+file+system&aqs=chrome..69i57.7617j0j7&sourceid=chrome&ie=UTF-8 > >>> > >>>Lisi > >> > >>Yes, but not in the context of a sub-project from last few days. > >>I suspect what I aiming at might look like - the groups and > >>permission bits set at time partition created, thus avoiding games > >>with /etc/fstab . > >> > >>richard@jessie-defaults:~$ > >>richard@jessie-defaults:~$ ls -l /dev/sd* > >>brw-rw---- 1 root disk 8, 0 Nov 10 03:35 /dev/sda > >>brw-rw---- 1 root owl 8, 1 Nov 10 03:35 /dev/sda1 > >>brw-rw-r-- 1 root owl 8, 2 Nov 10 03:35 /dev/sda2 > >>brw-rw---- 1 root disk 8, 3 Nov 10 03:35 /dev/sda3 > >>brw-rw---- 1 root disk 8, 5 Nov 10 03:35 /dev/sda5 > >>brw-rw---- 1 root disk 8, 16 Nov 10 04:43 /dev/sdb > >>br--rw-r-- 1 root owl 8, 17 Nov 10 04:43 /dev/sdb1 > > > >Note that with this setting, "you" can thrash whatever is in /dev/sda > >through /dev/sdb (write access). > > I don't understand.
Hm. Too concise (both of us ;-) I'll give it a shot. By "you" I meant "user owl, i.e. any program running under that user". Was that the unclear part? [...] > It doesn't "scare" me for a very good reason - the system in > question has no network capability, let alone internet access. In > fact the particular laptop had its disk wiped and a fresh install of > Debian 3 times yesterday. I know. Just refining some points to keep in mind: not every "malware" comes "directly" from the Internet. It may be through a malicious USB stick; it may be that neat Emacs Lisp given to you, it may be a PostScript file or a PDF, it may be (given suitable vulnerabilities) a JPEG or a video. But yeah, I'm all for "keep your eyes open, and whenever you miss one of your feet, learn from it". I practice that myself :-) regards - -- t -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAlgkfOsACgkQBcgs9XrR2kYChACeIqPJ6dJcz2JmCosiF4nnPAP4 YwYAnRLlgs0fs3EKdbMLxgelFviXRv4w =S+f0 -----END PGP SIGNATURE-----