Re: Now We Are Rollin'

[Paul Morgan]

On Sun, 30 Nov 2003 21:18:38 -0500, Paul Smith wrote:

> 
> Heh.  The only time I ever screwed up a UNIX box (and I've been using
> UNIX for a _LONG_ time), it was actually because of Linux.
> 

Me too.  Where the heck's /etc/bin gone? :)

> 
> Of course, to write the image to the floppy from a SunOS box you'd use
> dd to write to /dev/fd0.  Well, one time I mistyped that as /dev/hd0
> instead.  My system didn't like that too much _AT ALL_.  :-/ :).

OK, you have definitely got me beat :>

Which just goes to show that you don't need to be dumb or inexperienced to
screw up a system.  All you need is the root password and enough time.

Logging in as root is (as is pointer arithmetic in C) like giving a small
child a loaded gun.  Sooner or later it's going to go off, and
someone is probably going to get hurt :)

-- 
paul

"The average lifespan of a Web page today is 100 days. This is no way to
run a culture."

Internet Archive Board Chairman



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Now We Are Rollin'

[Walter Dnes]

On Sun, Nov 30, 2003 at 02:43:25AM -0800, Scarletdown wrote
> I finally fixed my XF86 problems at last.  It seems that all I
> had to do to stop both the flickering and the crashing is lower
> the default resolution and color depth.  Previously, I was running
> 1024x768 24- Bit color.  Changing to 800x600 16-Bit color seems to
> have done the trick.

  If you can run 800 X 600 X 16, you can run 800 X 600 X 24.  Note that
"24-bit-mode" will use 32 bits, i.e 4 bytes, per pixel.  This is due to
a shortcut which pounds out whole words (16 bits) at a time rather than
bytes (8 bits).  This speeds things up, which is why it's done that way.

> It's kind of a bummer not being able to use the higher settings
> (since a 4MB S3 Virge should be able to handle it just fine), but
> it is worth the trade-off, and both the GNOME and KDE desktops look
> really nice now.  Perhaps one of these days I will score a cheap used
> 8MB PCI video card at one of the thrift stores, then I can give the
> higher resolutions another go.

  Your display resolution limit might be due to your *MONITOR*, rather
than your video card.  Your video card has enough ram to display
1600 X 1200 X 16 or 1152 X 864 X 24.  The default horizontal and vertical
frequency assignments in X may not be optimal for you monitor.  If you
have the specs for you monitor, check out...

http://koala.ilog.fr/cgi-bin/nph-colas-modelines

  The site takes your specs and generates modelines for use with X.
Note, you need to enable javascript.  This is one of the few sites where
it's actually justified to require javascript.

-- 
Walter Dnes <[EMAIL PROTECTED]>
Email users are divided into two classes;
1) Those who have effective spam-blocking
2) Those who wish they did


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Now We Are Rollin'

[Paul Smith]

%% Paul Morgan <[EMAIL PROTECTED]> writes:

  pm> - however, my dumbest stunt came from an su to root:

  pm> rm -fr /bin /usr
  pm> instead of
  pm> rm -fr bin usr

  pm> ...that one's tough to beat on the scale of dumbness.  Or on the
  pm> scale of "negative system impact", as they say.

Heh.  The only time I ever screwed up a UNIX box (and I've been using
UNIX for a _LONG_ time), it was actually because of Linux.

Back in 1993 when I first started using Linux I used to get Slackware
etc. distros by downloading them at work and writing them to a bunch of
floppies to take home and load on my Intel box.  I had a SPARC running
SunOS 4.1.x at work then.

Of course, to write the image to the floppy from a SunOS box you'd use
dd to write to /dev/fd0.  Well, one time I mistyped that as /dev/hd0
instead.  My system didn't like that too much _AT ALL_.  :-/ :).

-- 
---
 Paul D. Smith <[EMAIL PROTECTED]>   HASMAT--HA Software Mthds & Tools
 "Please remain calm...I may be mad, but I am a professional." --Mad Scientist
---
   These are my opinions---Nortel Networks takes no responsibility for them.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Now We Are Rollin'

[Paul Morgan]

On Sun, 30 Nov 2003 17:30:05 -0600, Hugo Vanwoerkom wrote:

> Monique Y. Herman wrote:
>> On Sun, 30 Nov 2003 at 20:00 GMT, Paul Morgan penned:
>> 
>>>On Sun, 30 Nov 2003 11:37:56 -0700, Monique Y. Herman wrote:
>>>
>>>
On Sun, 30 Nov 2003 at 12:04 GMT, Paul Morgan penned:

>You have a fair chance of gaining some unexpected experience points
>by logging into X as root, unless you are unplugging all external
>network devices first.  Not allowing root access to X is pretty much
>at the top of my "never, ever do this under any circumstances" list.
>There are several ways in which you can get hurt, none of which I
>wish to advertise in an open forum.
>

Security through obscurity?  C'mon, now!

Inquiring minds want to know!
>>>
>>>Very funny, kiddo :)
>> 
>> 
>> I was genuinely curious ... but hey, whatever.  I rarely even run X, let
>> alone as root!
>> 
>> 
>>> I don't want to get anyone's system fscked up, they're all pretty
>>> much documented in security howtos, etc.
>>>
>>>Anyway, if one *doesn't* allow root login access to X, one can't
>>>accidentally do dumb stuff like execute IRC clients, etc.
>> 
>> 
>> IIRC, either xchat or bitchx ... probably bitchx ... won't even let you
>> run as root.  
>> 
> 
> and GDM won't let you login as root...
> 
> Hugo.
> 

Not so.  The *default config* won't allow root logins.  Because it's an
inadvisable thing to do.

-- 
paul

"The average lifespan of a Web page today is 100 days. This is no way to
run a culture."

Internet Archive Board Chairman



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Now We Are Rollin'

[Hugo Vanwoerkom]

Monique Y. Herman wrote:
On Sun, 30 Nov 2003 at 20:00 GMT, Paul Morgan penned:

On Sun, 30 Nov 2003 11:37:56 -0700, Monique Y. Herman wrote:


On Sun, 30 Nov 2003 at 12:04 GMT, Paul Morgan penned:

You have a fair chance of gaining some unexpected experience points
by logging into X as root, unless you are unplugging all external
network devices first.  Not allowing root access to X is pretty much
at the top of my "never, ever do this under any circumstances" list.
There are several ways in which you can get hurt, none of which I
wish to advertise in an open forum.
Security through obscurity?  C'mon, now!

Inquiring minds want to know!
Very funny, kiddo :)


I was genuinely curious ... but hey, whatever.  I rarely even run X, let
alone as root!

I don't want to get anyone's system fscked up, they're all pretty
much documented in security howtos, etc.
Anyway, if one *doesn't* allow root login access to X, one can't
accidentally do dumb stuff like execute IRC clients, etc.


IIRC, either xchat or bitchx ... probably bitchx ... won't even let you
run as root.  

and GDM won't let you login as root...

Hugo.




I am an expert on doing dumb stuff, but even I have limits :)



I have yet to fully explore my limits, I'm sure =P



--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Now We Are Rollin'

[Paul Morgan]

On Sun, 30 Nov 2003 13:37:23 -0700, Monique Y. Herman wrote:

> On Sun, 30 Nov 2003 at 20:00 GMT, Paul Morgan penned:
>> On Sun, 30 Nov 2003 11:37:56 -0700, Monique Y. Herman wrote:
>> 
>>> On Sun, 30 Nov 2003 at 12:04 GMT, Paul Morgan penned:
 
 You have a fair chance of gaining some unexpected experience points
 by logging into X as root, unless you are unplugging all external
 network devices first.  Not allowing root access to X is pretty much
 at the top of my "never, ever do this under any circumstances" list.
 There are several ways in which you can get hurt, none of which I
 wish to advertise in an open forum.
 
>>> 
>>> Security through obscurity?  C'mon, now!
>>> 
>>> Inquiring minds want to know!
>> 
>> Very funny, kiddo :)
> 
> I was genuinely curious ... but hey, whatever.  I rarely even run X, let
> alone as root!
> 
>>  I don't want to get anyone's system fscked up, they're all pretty
>>  much documented in security howtos, etc.
>> 
>> Anyway, if one *doesn't* allow root login access to X, one can't
>> accidentally do dumb stuff like execute IRC clients, etc.
> 
> IIRC, either xchat or bitchx ... probably bitchx ... won't even let you
> run as root.  
> 
>> I am an expert on doing dumb stuff, but even I have limits :)
>> 
> 
> I have yet to fully explore my limits, I'm sure =P

I guess I'd sum it up like this:

- you have to assume that anyone out in internetland that knows you're
running a browser or an IRC client, etc., as root is going to try to hurt
you, and, under some circumstances, they can.

- it is easy even for sysadmins with years of experience to
screw up a system while logged in as root, and logging into X as root
multiplies the risk.

- life's hard enough, why take completely unnecessary risks for the sake
of typing su and a password?

- however, my dumbest stunt came from an su to root:

rm -fr /bin /usr
instead of
rm -fr bin usr

...that one's tough to beat on the scale of dumbness.  Or on the scale of
"negative system impact", as they say.  Thank the Lord it was just my own
personal system.

-- 
paul

"The average lifespan of a Web page today is 100 days. This is no way to
run a culture."

Internet Archive Board Chairman



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Now We Are Rollin'

[Monique Y. Herman]

On Sun, 30 Nov 2003 at 20:00 GMT, Paul Morgan penned:
> On Sun, 30 Nov 2003 11:37:56 -0700, Monique Y. Herman wrote:
> 
>> On Sun, 30 Nov 2003 at 12:04 GMT, Paul Morgan penned:
>>> 
>>> You have a fair chance of gaining some unexpected experience points
>>> by logging into X as root, unless you are unplugging all external
>>> network devices first.  Not allowing root access to X is pretty much
>>> at the top of my "never, ever do this under any circumstances" list.
>>> There are several ways in which you can get hurt, none of which I
>>> wish to advertise in an open forum.
>>> 
>> 
>> Security through obscurity?  C'mon, now!
>> 
>> Inquiring minds want to know!
> 
> Very funny, kiddo :)

I was genuinely curious ... but hey, whatever.  I rarely even run X, let
alone as root!

>  I don't want to get anyone's system fscked up, they're all pretty
>  much documented in security howtos, etc.
> 
> Anyway, if one *doesn't* allow root login access to X, one can't
> accidentally do dumb stuff like execute IRC clients, etc.

IIRC, either xchat or bitchx ... probably bitchx ... won't even let you
run as root.  

> I am an expert on doing dumb stuff, but even I have limits :)
> 

I have yet to fully explore my limits, I'm sure =P

-- 
monique


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Now We Are Rollin'

[Paul Morgan]

On Sun, 30 Nov 2003 11:37:56 -0700, Monique Y. Herman wrote:

> On Sun, 30 Nov 2003 at 12:04 GMT, Paul Morgan penned:
>> 
>> You have a fair chance of gaining some unexpected experience points by
>> logging into X as root, unless you are unplugging all external network
>> devices first.  Not allowing root access to X is pretty much at the
>> top of my "never, ever do this under any circumstances" list.  There
>> are several ways in which you can get hurt, none of which I wish to
>> advertise in an open forum.
>> 
> 
> Security through obscurity?  C'mon, now!
> 
> Inquiring minds want to know!

Very funny, kiddo :)

 I don't want to get anyone's system fscked up, they're all pretty
much documented in security howtos, etc.

Anyway, if one *doesn't* allow root login access to X, one can't
accidentally do dumb stuff like execute IRC clients, etc.

I am an expert on doing dumb stuff, but even I have limits :)

-- 
paul

"The average lifespan of a Web page today is 100 days. This is no way to
run a culture."

Internet Archive Board Chairman



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Now We Are Rollin'

[Monique Y. Herman]

On Sun, 30 Nov 2003 at 12:04 GMT, Paul Morgan penned:
> 
> You have a fair chance of gaining some unexpected experience points by
> logging into X as root, unless you are unplugging all external network
> devices first.  Not allowing root access to X is pretty much at the
> top of my "never, ever do this under any circumstances" list.  There
> are several ways in which you can get hurt, none of which I wish to
> advertise in an open forum.
> 

Security through obscurity?  C'mon, now!

Inquiring minds want to know!

-- 
monique


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Now We Are Rollin'

[Arnt Karlsen]

On Sun, 30 Nov 2003 02:43:25 -0800 (PST), 
Scarletdown <[EMAIL PROTECTED]> wrote in message 
<[EMAIL PROTECTED]>:

> Previously, I was running 1024x768 24-Bit color.  Changing to 800x600
> 16-Bit color seems to have done the trick.  It's kind of a bummer not
> being able to use the higher settings (since a 4MB S3 Virge should be
> able to handle it just fine), 

..I run 1152x864x16 on my 2MB ati card and an embedded 
Cirrus Logic GD 5480 (rev 23), and 1024x768x16 on an 
Cirrus Logic GD 5465 [Laguna] (rev 03), it runs out of vram.

..you wanna stay at 16, possibly 15 bit color, and hike up your
resolution until it flickers.  With 800x600 you oughtta get 24 bit 
working.

> but it is worth the trade-off, and both
> the GNOME and KDE desktops look really nice now.  Perhaps one of these
> days I will score a cheap used 8MB PCI video card at one of the thrift
> stores, then I can give the higher resolutions another go.

..I run my ati 3D Rage IIC AGP (rev 7a) at 1600x1200x24bit, is as far as
I can push it until someone advices me how I gun up the card from 162MHz
to 230MHz. And 1600x1200 I guess is too far for accellerated graphics.

-- 
..med vennlig hilsen = with Kind Regards from Arnt... ;-)
...with a number of polar bear hunters in his ancestry...
  Scenarios always come in sets of three: 
  best case, worst case, and just in case.



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Now We Are Rollin'

[Paul Morgan]

On Sun, 30 Nov 2003 02:43:25 -0800, Scarletdown wrote:

> I finally fixed my XF86 problems at last.  It seems
> that all I had to 
> do to stop both the flickering and the crashing is
> lower the default 
> resolution and color depth.  Previously, I was running
> 1024x768 24-
> Bit color.  Changing to 800x600 16-Bit color seems to
> have done the 
> trick.  It's kind of a bummer not being able to use
> the higher 
> settings (since a 4MB S3 Virge should be able to
> handle it just 
> fine), but it is worth the trade-off, and both the
> GNOME and KDE 
> desktops look really nice now.  Perhaps one of these
> days I will 
> score a cheap used 8MB PCI video card at one of the
> thrift stores, 
> then I can give the higher resolutions another go.
> 
> I also managed to get GDM configured and customized to
> my tastes, and 
> I went ahead and set it up so I could log in directly
> as root if I 
> feel like it.  I know that that is a security
> vulnerability, but this 
> is my experimentation platform.  And when and if I do
> start setting 
> up Debian systems for other people, I will of course
> configure them 
> so that they can only operate as root by logging in
> normally and then 
> using su to become root.  Heck, I'll be doing that for
> my primary 
> workstation as well.
> 
> So much to still tweak now, it's hard to fecide what
> to work on next. 
>  Actually, I think the next thing I will do is get my
> Samba 
> configuration file properly set up.  She is visible on
> the LAN 
> already, but I still need to define some shares, and
> also set her up 
> so she automatically mounts shared folders on the
> LAN's other three 
> systems (currently Windows-98 all of them) at boot
> time.
> 
> After that, I think it will be time to optimize her by
> deactivating 
> services she doesn't need to have running,
> uninstalling extraneous 
> packages, and installing packages I may have missed
> initially.
> 
> Other plans for this system will include possibly
> trying to compile 
> the 2.4.22 kernel and then giving SE Linux a try (that
> is Security 
> Enhanced Linux, freely available from the NSA)
> 
> http://www.nsa.gov/selinux/index.html
> 
> Anyway, it's been a good evening, Linuxwise this time
> around.  Now I 
> can go to bed with the feeling that I have gained some
> major 
> experience points.  :)
> 
> 

You have a fair chance of gaining some unexpected experience points by
logging into X as root, unless you are unplugging all external network
devices first.  Not allowing root access to X is pretty much at the top of
my "never, ever do this under any circumstances" list.  There are several
ways in which you can get hurt, none of which I wish to advertise in an
open forum.

-- 
paul

"The average lifespan of a Web page today is 100 days. This is no way to
run a culture."

Internet Archive Board Chairman



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]