Re: Now We Are Rollin'
On Sun, 30 Nov 2003 21:18:38 -0500, Paul Smith wrote: > > Heh. The only time I ever screwed up a UNIX box (and I've been using > UNIX for a _LONG_ time), it was actually because of Linux. > Me too. Where the heck's /etc/bin gone? :) > > Of course, to write the image to the floppy from a SunOS box you'd use > dd to write to /dev/fd0. Well, one time I mistyped that as /dev/hd0 > instead. My system didn't like that too much _AT ALL_. :-/ :). OK, you have definitely got me beat :> Which just goes to show that you don't need to be dumb or inexperienced to screw up a system. All you need is the root password and enough time. Logging in as root is (as is pointer arithmetic in C) like giving a small child a loaded gun. Sooner or later it's going to go off, and someone is probably going to get hurt :) -- paul "The average lifespan of a Web page today is 100 days. This is no way to run a culture." Internet Archive Board Chairman -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Now We Are Rollin'
On Sun, Nov 30, 2003 at 02:43:25AM -0800, Scarletdown wrote > I finally fixed my XF86 problems at last. It seems that all I > had to do to stop both the flickering and the crashing is lower > the default resolution and color depth. Previously, I was running > 1024x768 24- Bit color. Changing to 800x600 16-Bit color seems to > have done the trick. If you can run 800 X 600 X 16, you can run 800 X 600 X 24. Note that "24-bit-mode" will use 32 bits, i.e 4 bytes, per pixel. This is due to a shortcut which pounds out whole words (16 bits) at a time rather than bytes (8 bits). This speeds things up, which is why it's done that way. > It's kind of a bummer not being able to use the higher settings > (since a 4MB S3 Virge should be able to handle it just fine), but > it is worth the trade-off, and both the GNOME and KDE desktops look > really nice now. Perhaps one of these days I will score a cheap used > 8MB PCI video card at one of the thrift stores, then I can give the > higher resolutions another go. Your display resolution limit might be due to your *MONITOR*, rather than your video card. Your video card has enough ram to display 1600 X 1200 X 16 or 1152 X 864 X 24. The default horizontal and vertical frequency assignments in X may not be optimal for you monitor. If you have the specs for you monitor, check out... http://koala.ilog.fr/cgi-bin/nph-colas-modelines The site takes your specs and generates modelines for use with X. Note, you need to enable javascript. This is one of the few sites where it's actually justified to require javascript. -- Walter Dnes <[EMAIL PROTECTED]> Email users are divided into two classes; 1) Those who have effective spam-blocking 2) Those who wish they did -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Now We Are Rollin'
%% Paul Morgan <[EMAIL PROTECTED]> writes: pm> - however, my dumbest stunt came from an su to root: pm> rm -fr /bin /usr pm> instead of pm> rm -fr bin usr pm> ...that one's tough to beat on the scale of dumbness. Or on the pm> scale of "negative system impact", as they say. Heh. The only time I ever screwed up a UNIX box (and I've been using UNIX for a _LONG_ time), it was actually because of Linux. Back in 1993 when I first started using Linux I used to get Slackware etc. distros by downloading them at work and writing them to a bunch of floppies to take home and load on my Intel box. I had a SPARC running SunOS 4.1.x at work then. Of course, to write the image to the floppy from a SunOS box you'd use dd to write to /dev/fd0. Well, one time I mistyped that as /dev/hd0 instead. My system didn't like that too much _AT ALL_. :-/ :). -- --- Paul D. Smith <[EMAIL PROTECTED]> HASMAT--HA Software Mthds & Tools "Please remain calm...I may be mad, but I am a professional." --Mad Scientist --- These are my opinions---Nortel Networks takes no responsibility for them. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Now We Are Rollin'
On Sun, 30 Nov 2003 17:30:05 -0600, Hugo Vanwoerkom wrote: > Monique Y. Herman wrote: >> On Sun, 30 Nov 2003 at 20:00 GMT, Paul Morgan penned: >> >>>On Sun, 30 Nov 2003 11:37:56 -0700, Monique Y. Herman wrote: >>> >>> On Sun, 30 Nov 2003 at 12:04 GMT, Paul Morgan penned: >You have a fair chance of gaining some unexpected experience points >by logging into X as root, unless you are unplugging all external >network devices first. Not allowing root access to X is pretty much >at the top of my "never, ever do this under any circumstances" list. >There are several ways in which you can get hurt, none of which I >wish to advertise in an open forum. > Security through obscurity? C'mon, now! Inquiring minds want to know! >>> >>>Very funny, kiddo :) >> >> >> I was genuinely curious ... but hey, whatever. I rarely even run X, let >> alone as root! >> >> >>> I don't want to get anyone's system fscked up, they're all pretty >>> much documented in security howtos, etc. >>> >>>Anyway, if one *doesn't* allow root login access to X, one can't >>>accidentally do dumb stuff like execute IRC clients, etc. >> >> >> IIRC, either xchat or bitchx ... probably bitchx ... won't even let you >> run as root. >> > > and GDM won't let you login as root... > > Hugo. > Not so. The *default config* won't allow root logins. Because it's an inadvisable thing to do. -- paul "The average lifespan of a Web page today is 100 days. This is no way to run a culture." Internet Archive Board Chairman -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Now We Are Rollin'
Monique Y. Herman wrote: On Sun, 30 Nov 2003 at 20:00 GMT, Paul Morgan penned: On Sun, 30 Nov 2003 11:37:56 -0700, Monique Y. Herman wrote: On Sun, 30 Nov 2003 at 12:04 GMT, Paul Morgan penned: You have a fair chance of gaining some unexpected experience points by logging into X as root, unless you are unplugging all external network devices first. Not allowing root access to X is pretty much at the top of my "never, ever do this under any circumstances" list. There are several ways in which you can get hurt, none of which I wish to advertise in an open forum. Security through obscurity? C'mon, now! Inquiring minds want to know! Very funny, kiddo :) I was genuinely curious ... but hey, whatever. I rarely even run X, let alone as root! I don't want to get anyone's system fscked up, they're all pretty much documented in security howtos, etc. Anyway, if one *doesn't* allow root login access to X, one can't accidentally do dumb stuff like execute IRC clients, etc. IIRC, either xchat or bitchx ... probably bitchx ... won't even let you run as root. and GDM won't let you login as root... Hugo. I am an expert on doing dumb stuff, but even I have limits :) I have yet to fully explore my limits, I'm sure =P -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Now We Are Rollin'
On Sun, 30 Nov 2003 13:37:23 -0700, Monique Y. Herman wrote: > On Sun, 30 Nov 2003 at 20:00 GMT, Paul Morgan penned: >> On Sun, 30 Nov 2003 11:37:56 -0700, Monique Y. Herman wrote: >> >>> On Sun, 30 Nov 2003 at 12:04 GMT, Paul Morgan penned: You have a fair chance of gaining some unexpected experience points by logging into X as root, unless you are unplugging all external network devices first. Not allowing root access to X is pretty much at the top of my "never, ever do this under any circumstances" list. There are several ways in which you can get hurt, none of which I wish to advertise in an open forum. >>> >>> Security through obscurity? C'mon, now! >>> >>> Inquiring minds want to know! >> >> Very funny, kiddo :) > > I was genuinely curious ... but hey, whatever. I rarely even run X, let > alone as root! > >> I don't want to get anyone's system fscked up, they're all pretty >> much documented in security howtos, etc. >> >> Anyway, if one *doesn't* allow root login access to X, one can't >> accidentally do dumb stuff like execute IRC clients, etc. > > IIRC, either xchat or bitchx ... probably bitchx ... won't even let you > run as root. > >> I am an expert on doing dumb stuff, but even I have limits :) >> > > I have yet to fully explore my limits, I'm sure =P I guess I'd sum it up like this: - you have to assume that anyone out in internetland that knows you're running a browser or an IRC client, etc., as root is going to try to hurt you, and, under some circumstances, they can. - it is easy even for sysadmins with years of experience to screw up a system while logged in as root, and logging into X as root multiplies the risk. - life's hard enough, why take completely unnecessary risks for the sake of typing su and a password? - however, my dumbest stunt came from an su to root: rm -fr /bin /usr instead of rm -fr bin usr ...that one's tough to beat on the scale of dumbness. Or on the scale of "negative system impact", as they say. Thank the Lord it was just my own personal system. -- paul "The average lifespan of a Web page today is 100 days. This is no way to run a culture." Internet Archive Board Chairman -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Now We Are Rollin'
On Sun, 30 Nov 2003 at 20:00 GMT, Paul Morgan penned: > On Sun, 30 Nov 2003 11:37:56 -0700, Monique Y. Herman wrote: > >> On Sun, 30 Nov 2003 at 12:04 GMT, Paul Morgan penned: >>> >>> You have a fair chance of gaining some unexpected experience points >>> by logging into X as root, unless you are unplugging all external >>> network devices first. Not allowing root access to X is pretty much >>> at the top of my "never, ever do this under any circumstances" list. >>> There are several ways in which you can get hurt, none of which I >>> wish to advertise in an open forum. >>> >> >> Security through obscurity? C'mon, now! >> >> Inquiring minds want to know! > > Very funny, kiddo :) I was genuinely curious ... but hey, whatever. I rarely even run X, let alone as root! > I don't want to get anyone's system fscked up, they're all pretty > much documented in security howtos, etc. > > Anyway, if one *doesn't* allow root login access to X, one can't > accidentally do dumb stuff like execute IRC clients, etc. IIRC, either xchat or bitchx ... probably bitchx ... won't even let you run as root. > I am an expert on doing dumb stuff, but even I have limits :) > I have yet to fully explore my limits, I'm sure =P -- monique -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Now We Are Rollin'
On Sun, 30 Nov 2003 11:37:56 -0700, Monique Y. Herman wrote: > On Sun, 30 Nov 2003 at 12:04 GMT, Paul Morgan penned: >> >> You have a fair chance of gaining some unexpected experience points by >> logging into X as root, unless you are unplugging all external network >> devices first. Not allowing root access to X is pretty much at the >> top of my "never, ever do this under any circumstances" list. There >> are several ways in which you can get hurt, none of which I wish to >> advertise in an open forum. >> > > Security through obscurity? C'mon, now! > > Inquiring minds want to know! Very funny, kiddo :) I don't want to get anyone's system fscked up, they're all pretty much documented in security howtos, etc. Anyway, if one *doesn't* allow root login access to X, one can't accidentally do dumb stuff like execute IRC clients, etc. I am an expert on doing dumb stuff, but even I have limits :) -- paul "The average lifespan of a Web page today is 100 days. This is no way to run a culture." Internet Archive Board Chairman -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Now We Are Rollin'
On Sun, 30 Nov 2003 at 12:04 GMT, Paul Morgan penned: > > You have a fair chance of gaining some unexpected experience points by > logging into X as root, unless you are unplugging all external network > devices first. Not allowing root access to X is pretty much at the > top of my "never, ever do this under any circumstances" list. There > are several ways in which you can get hurt, none of which I wish to > advertise in an open forum. > Security through obscurity? C'mon, now! Inquiring minds want to know! -- monique -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Now We Are Rollin'
On Sun, 30 Nov 2003 02:43:25 -0800 (PST), Scarletdown <[EMAIL PROTECTED]> wrote in message <[EMAIL PROTECTED]>: > Previously, I was running 1024x768 24-Bit color. Changing to 800x600 > 16-Bit color seems to have done the trick. It's kind of a bummer not > being able to use the higher settings (since a 4MB S3 Virge should be > able to handle it just fine), ..I run 1152x864x16 on my 2MB ati card and an embedded Cirrus Logic GD 5480 (rev 23), and 1024x768x16 on an Cirrus Logic GD 5465 [Laguna] (rev 03), it runs out of vram. ..you wanna stay at 16, possibly 15 bit color, and hike up your resolution until it flickers. With 800x600 you oughtta get 24 bit working. > but it is worth the trade-off, and both > the GNOME and KDE desktops look really nice now. Perhaps one of these > days I will score a cheap used 8MB PCI video card at one of the thrift > stores, then I can give the higher resolutions another go. ..I run my ati 3D Rage IIC AGP (rev 7a) at 1600x1200x24bit, is as far as I can push it until someone advices me how I gun up the card from 162MHz to 230MHz. And 1600x1200 I guess is too far for accellerated graphics. -- ..med vennlig hilsen = with Kind Regards from Arnt... ;-) ...with a number of polar bear hunters in his ancestry... Scenarios always come in sets of three: best case, worst case, and just in case. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Now We Are Rollin'
On Sun, 30 Nov 2003 02:43:25 -0800, Scarletdown wrote: > I finally fixed my XF86 problems at last. It seems > that all I had to > do to stop both the flickering and the crashing is > lower the default > resolution and color depth. Previously, I was running > 1024x768 24- > Bit color. Changing to 800x600 16-Bit color seems to > have done the > trick. It's kind of a bummer not being able to use > the higher > settings (since a 4MB S3 Virge should be able to > handle it just > fine), but it is worth the trade-off, and both the > GNOME and KDE > desktops look really nice now. Perhaps one of these > days I will > score a cheap used 8MB PCI video card at one of the > thrift stores, > then I can give the higher resolutions another go. > > I also managed to get GDM configured and customized to > my tastes, and > I went ahead and set it up so I could log in directly > as root if I > feel like it. I know that that is a security > vulnerability, but this > is my experimentation platform. And when and if I do > start setting > up Debian systems for other people, I will of course > configure them > so that they can only operate as root by logging in > normally and then > using su to become root. Heck, I'll be doing that for > my primary > workstation as well. > > So much to still tweak now, it's hard to fecide what > to work on next. > Actually, I think the next thing I will do is get my > Samba > configuration file properly set up. She is visible on > the LAN > already, but I still need to define some shares, and > also set her up > so she automatically mounts shared folders on the > LAN's other three > systems (currently Windows-98 all of them) at boot > time. > > After that, I think it will be time to optimize her by > deactivating > services she doesn't need to have running, > uninstalling extraneous > packages, and installing packages I may have missed > initially. > > Other plans for this system will include possibly > trying to compile > the 2.4.22 kernel and then giving SE Linux a try (that > is Security > Enhanced Linux, freely available from the NSA) > > http://www.nsa.gov/selinux/index.html > > Anyway, it's been a good evening, Linuxwise this time > around. Now I > can go to bed with the feeling that I have gained some > major > experience points. :) > > You have a fair chance of gaining some unexpected experience points by logging into X as root, unless you are unplugging all external network devices first. Not allowing root access to X is pretty much at the top of my "never, ever do this under any circumstances" list. There are several ways in which you can get hurt, none of which I wish to advertise in an open forum. -- paul "The average lifespan of a Web page today is 100 days. This is no way to run a culture." Internet Archive Board Chairman -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]