We've been talking about Linux security issues... i'm just wondering how many fool-traps are in there and how they can be recovered, i mention one:
-bash-2.05b$ su Password: [EMAIL PROTECTED] /]# [EMAIL PROTECTED] /]# chmod +444 -R *
If anybody can see what is going on... i just changed all file-permissions to read-only on all files from the root. I was fortunate enough to do it in one of the var subfolders so i could quickly restore the damage i had done.
I found this neat script that offers you to backup a file-permission state of the path's you supply, but it's a disaster recovery method and not a prevention tool against typo's:
[begin permbackup.sh]
#!/bin/bash
if [ ! $1 ] || [ ! $2 ];then echo Please run as \"permbackup.sh /path/to/base restore-perms.sh\" echo To add a date \"permbackup.sh /path/to/base restore-perms-`date +%F`.sh\" else IFS=" " echo -n Starting to create restore file\ echo \#\!/bin/bash > $2 echo echo Restore permissions of $1 @ `date` >> $2 echo read -p \"Do you want to restore? [y/n] \" YN >> $2 echo if [ \"\$YN\" \!= \"y\" ]\; then >> $2 echo echo Abandoning restore >> $2 echo else >> $2 echo echo -n Starting restore\\\ >> $2 for file in `find $1`;do echo -n . echo echo -n . >> $2 type=`stat --format="%F" $file` if [ "$type" != "Symbolic Link" ];then echo chmod `stat --format="%a" $file` \"$file\" >> $2 echo chown `stat --format="%u:%g" $file` \"$file\" >> $2 fi done echo echo -e \\\\nRestore complete >> $2 echo fi >> $2 chmod 700 $2 echo -e \\n\\nRestore point of permissions for $1 @ `date` created.\\n\\nPlease execute \"$2\" to restore permissions.\\n fi [end permbackup.sh]
(i also made stupid typo's like "chmod +spermbackup.sh", but this aside)
I'm wondering how many pitfalls there are that one should be very cautious for and if one do falls in, how it can be restored.
____________________________________________________ Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com ____________________________________________________