DId a search for full install and only found references to some tools/applications doing it for you.

Maybe one could grab such a tool and look at code and
work backwards?

musher0 wrote: alphaOS? What is alpha OS? A Puppy derivative?

Was archpup to start with so yes a puppy blend based on arch.

was created by simargl


As much as bark hates it, I love it


Firejail is really good though

It is really good

I use it on alphaOS

fast and reliable

I recommend it for browsers

You don't have an old "full" install you can check?
or if you can search the info somewhere.

Yeah you feel free to ask 666philb or someone else!


over and out for today

I searched the Xtahr iso could not find that initrd directory also I cannot find file /bin/TARGETEXES don't know if that is essential for script Can you describe what do you want the script should do with intitrd.gz? Is Xtahr post-WoofCE? If you know or can find a description of what is needed I for...

Downloading Xtahr iso now to check it...

Yeah I am sorry I added an echo when I tested so this should be correct version shopt -s nullglob for drv in /zdrv* /adrv* /ydrv* "$SRCPATH"/zdrv* "$SRCPATH"/adrv* "$SRCPATH"/ydrv*;do echo "extracting $drv" [ -f "${drv}" ] && cp -af "${d...

OBS! If you want any hope of this script to work you have to locate a replacement for /lib/modules/"$KERNELVER"/initrd In script you try exchanging the for-loop with shopt -s nullglob for drv in /zdrv* /adrv* /ydrv* "$SRCPATH"/zdrv* "$SRCPATH"/adrv* "$SRCPATH"...

Well you need to help me with location of zdrv

Where is it?

Code looks for it in / and $SRCPATH

could it be both?

Dont rerun, I dont think will work, sorry

We need to investigate more, but that for-loop is not sane

further thinking on One, rm reports that it cannot remove /mnt/sdxx/data -- where sdxx is the drive and partition in question. You probably get ? "rm: cannot remove '/mnt/sdxx/data': No such file or directory now that makes sense, then I believe when for-loop is run we are not in the correct wo...

Three, I believe it is not copying initrd.gz over -- that's what the adrv/ydrv/zdrv mess leads to according to my guru friend. The code should still work. For loop is entered and processed for zdrv that is if script made sure to change directory to where zdrv is supposed to be. One, rm reports that...

I've got my local guru dude to analyze it; he says that there are a couple issues with the script as it is. One, it looks for the three files zdrv, adrv, ydrv, and if it doesn't get all three, it doesn't run a particular loop that copies the initrd stuff over. I guess this is the snippet you ask ab...

I think that most automated attacks are not targeted to puppy users and that privileges elevation of the process is not a hard problem for minded attackers. They just do it: this is the news every day when a new vulnerability is discovered. True but not that easy for script kiddies. Anyway I guess ...

watchdog wrote:How easy is to gain root privileges when you are user spot by using ordinary hackers' exploits?

If running as spot and code is injected into process/memory and execution
continues there, how hard is it to elevate privilegies to root
if root password is known?

I voted grub2 cause that is what I use on alphaos It was middling hard to install manually on usb before but I think they'd made it harder? I liked that grub2 can boot from non-contiguos iso's Maybe grub4dos has gained that ability as well? I got that impression from Steve Si's page about easy2boot....

weeping... Operators of vulnerable servers need to take action. There is nothing practical that browsers or end-users can do on their own to protect against this attack. Our measurements indicate 33% of all HTTPS servers are vulnerable to the attack. Did a quick try of the scan tool https://github.c...

Oh man oh man, I love this write up. The password check in the web interface :shock: if(dvr_camcnt == null || dvr_usr == null || dvr_pwd == null) { location.href = "/index.html"; } Those are cookie values and if all are not null the test is passed and it doesn't redirect back to login page...

@amigo
@jamesbond

I was very interested in your conversation about bootlace.com(grub4dos)

I would like to inspect source and build it
jamesbond aludes to it being present on git? is that on github?

Where can I find it?

*edit*

Found it by searching for grub4dos instead of bootlace

Interesting. There was some unsubstantiated comments though as that the linux sandbox was bad which is not my experience. Maybe he meant that webkit has its own sandbox like chrome? Does the problem boil down to javascript again? I checked my version of geany and it doesn't seem to depend on webkit ...