The Ultimate Solution for running as root

For discussions about security.
Message
Author
User avatar
gposil
Posts: 1300
Joined: Mon 06 Apr 2009, 10:00
Location: Stanthorpe (The Granite Belt), QLD, Australia
Contact:

The Ultimate Solution for running as root

#1 Post by gposil »

Don't use Puppy....
[img]http://gposil.netne.net/images/tlp80.gif[/img] [url=http://www.dpup.org][b]Dpup Home[/b][/url]

User avatar
Lobster
Official Crustacean
Posts: 15522
Joined: Wed 04 May 2005, 06:06
Location: Paradox Realm
Contact:

#2 Post by Lobster »

:D Guy

The tin hats quake because they might inadvertently
mount their hard drive and allow the imaginary
hordes of penguin hackers
access to their secret number of pins
- or pin number

I recently tried a BSD live disk
So secure it did not even run . . .

I find any Linux that denies me access to my CD ROM
or requiring a password to save a file
is secure beyond requirement . . .

Through diligent vitamin intake
I have increased my IQ to the point where
I realise the hound hacker, the ever present deleter of files
the visitor of dodgy web sites
is me

Find a 'secure' OS and I will have it not working
in less than a week through diligent misuse.
Probably without any special effort
Puppy Raspup 8.2Final 8)
Puppy Links Page http://www.smokey01.com/bruceb/puppy.html :D

tlchost
Posts: 2057
Joined: Sun 05 Aug 2007, 23:26
Location: Baltimore, Maryland USA
Contact:

#3 Post by tlchost »

Never connect to the Internet.

For the truly paranoid, never power up the computer.

Sylvander
Posts: 4416
Joined: Mon 15 Dec 2008, 11:06
Location: West Lothian, Scotland, UK

#4 Post by Sylvander »

@gposil
That is SO GOOD. :D

The 1st laugh of the day [may there be many more].

I like Puppy because it doesn't treat me like I'm a dummy.

User avatar
sikpuppy
Posts: 415
Joined: Sun 29 Mar 2009, 05:54

#5 Post by sikpuppy »

What this puppy needs is another half dozen threads on running as root. Also more coverage of Windows and other distros. Oh, and a free AOL startup disc with every puppy ISO download.
ASUS A1000, 800Mhz PIII Coppermine!, 192Mb RAM, 10Gb IBM Travelstar HDD, Build date August 2001.

tlchost
Posts: 2057
Joined: Sun 05 Aug 2007, 23:26
Location: Baltimore, Maryland USA
Contact:

#6 Post by tlchost »

sikpuppy wrote:Oh, and a free AOL startup disc with every puppy ISO download.
If you can spell root, the AOL disk comes in a nice metal tin....when you recieve it, throw away the AOL startup disc and use it for your Puppy Live-CD.

User avatar
gposil
Posts: 1300
Joined: Mon 06 Apr 2009, 10:00
Location: Stanthorpe (The Granite Belt), QLD, Australia
Contact:

#7 Post by gposil »

New Puppy Security...
Attachments
secure.jpg
Security Message
(9.47 KiB) Downloaded 2256 times
[img]http://gposil.netne.net/images/tlp80.gif[/img] [url=http://www.dpup.org][b]Dpup Home[/b][/url]

User avatar
alienjeff
Posts: 2265
Joined: Sat 08 Jul 2006, 20:19
Location: Winsted, CT - USA

#8 Post by alienjeff »

Lobster wrote: I recently tried a BSD live disk
So secure it did not even run . . .
PEBKAC
[size=84][i]hangout:[/i] ##b0rked on irc.freenode.net
[i]diversion:[/i] [url]http://alienjeff.net[/url] - visit The Fringe
[i]quote:[/i] "The foundation of authority is based upon the consent of the people." - Thomas Hooker[/size]

Sylvander
Posts: 4416
Joined: Mon 15 Dec 2008, 11:06
Location: West Lothian, Scotland, UK

#9 Post by Sylvander »

@gposil
Another good one; 2nd laugh of the day! :lol:

I told my wife the 1st one, and tried to explain why it's so funny, but despite the fact she has a good sense of humour [she's the joker], she just didn't get it. :wink:

User avatar
Lobster
Official Crustacean
Posts: 15522
Joined: Wed 04 May 2005, 06:06
Location: Paradox Realm
Contact:

#10 Post by Lobster »

I think we could be on to something . . . :D

You are running as root:

If you are a Puppy User
Stay frisky

If you are an Ubuntu user
repeat the sacred mantra
'Do not run as root'
Repeat until hoarse

If you are an ex-Windows User
you are root, go bury yourself in the garden


Is there anyway we can add a honeypot/sandbox
for our esteemed and rare penguin cracker visitor?
Puppy Raspup 8.2Final 8)
Puppy Links Page http://www.smokey01.com/bruceb/puppy.html :D

User avatar
dejan555
Posts: 2798
Joined: Sun 30 Nov 2008, 11:57
Location: Montenegro
Contact:

#11 Post by dejan555 »

Please chmod all filesystem read-only, even tmp and browser chache:

chmod -R 444 /

that way you're sure nothing gets saved to system, even if you have full HD install!
puppy.b0x.me stuff mirrored [url=https://drive.google.com/open?id=0B_Mb589v0iCXNnhSZWRwd3R2UWs]HERE[/url] or [url=http://archive.org/details/Puppy_Linux_puppy.b0x.me_mirror]HERE[/url]

User avatar
sikpuppy
Posts: 415
Joined: Sun 29 Mar 2009, 05:54

#12 Post by sikpuppy »

Lobster wrote:I think we could be on to something . . . :D

If you are an ex-Windows User
you are root, go bury yourself in the garden[/color]
And if you insist that Windows is the be all and end all, then you are just rooted.
ASUS A1000, 800Mhz PIII Coppermine!, 192Mb RAM, 10Gb IBM Travelstar HDD, Build date August 2001.

User avatar
Lobster
Official Crustacean
Posts: 15522
Joined: Wed 04 May 2005, 06:06
Location: Paradox Realm
Contact:

#13 Post by Lobster »

chmod -R 444 /
Oh that is a geeky penguin joke - but I almost understood it . . .

This LCD protection device will ensure nothing untoward is viewable on
your PC
Image
Puppy Raspup 8.2Final 8)
Puppy Links Page http://www.smokey01.com/bruceb/puppy.html :D

User avatar
sikpuppy
Posts: 415
Joined: Sun 29 Mar 2009, 05:54

#14 Post by sikpuppy »

Lobster wrote:
chmod -R 444 /
Oh that is a geeky penguin joke - but I almost understood it . . .

This LCD protection device will ensure nothing untoward is viewable on
your PC
A HelloKitty Compudom?
ASUS A1000, 800Mhz PIII Coppermine!, 192Mb RAM, 10Gb IBM Travelstar HDD, Build date August 2001.

User avatar
Lobster
Official Crustacean
Posts: 15522
Joined: Wed 04 May 2005, 06:06
Location: Paradox Realm
Contact:

#15 Post by Lobster »

A HelloKitty Compudom?
:D

No peeking (so to speak)
Puppy Raspup 8.2Final 8)
Puppy Links Page http://www.smokey01.com/bruceb/puppy.html :D

magerlab
Posts: 739
Joined: Sun 08 Jul 2007, 20:08

#16 Post by magerlab »

how about a TFP pupplet ?
A pupplet for Tin foil hats

User avatar
sikpuppy
Posts: 415
Joined: Sun 29 Mar 2009, 05:54

#17 Post by sikpuppy »

How about PoundPuppy. This is a puplet I am designing.

It's a Puplet with no networking, no Firewire, no USB, no WiFi, no browsers, no chat, no email, no hard drives, no floppies, totally locked down with SElinux and 10 firewalls, 5 antivirus suites, 64 character password length enforcement, hourly password change enforcement, shut down after 30 seconds inactivity, lock CD drive while in Puppy.

Oh and no music, videos, documents, games, graphics, fun, keyboard, mouse and no monitor. No sound at all. Definitely no printers.

Basically you have to wait until the cd stops spinning. You know it's probably booted then and ready for the safest computing experience ever.
ASUS A1000, 800Mhz PIII Coppermine!, 192Mb RAM, 10Gb IBM Travelstar HDD, Build date August 2001.

aragon
Posts: 1698
Joined: Mon 15 Oct 2007, 12:18
Location: Germany

#18 Post by aragon »

i think secure hw is much better than secure sw

Image

aragon

Bruce B

#19 Post by Bruce B »

My current machine is worth, if I'm lucky about $90

If I downloaded Ubuntu and burned it to an opitical disk, the disk costs me
about 35 cents.

Considering I already have Linux partitions and GRUB, and a fairly fast
machine, the basic install would take about 1/2 an hour.

Then another hour or so adding packages from the repository.

Ubuntu protects me from things I don't need protection from. The setup
disk is in my room. The respository is still available.

It doesn't protect me from what I need protection from, namely my user
files.

I am the administrator of my $90 machine. This is the default, nobody
else to do the job.

As the admin, I backup my user files and configuration tweaks to a
separate device.

If the system goes bonkers on me, I would be wasting time if I spent
more time trying to fix it, than it would take to insert the install disk and
reinstall it the system.

~

Sometimes it pays to use yer noggin

Sylvander
Posts: 4416
Joined: Mon 15 Dec 2008, 11:06
Location: West Lothian, Scotland, UK

#20 Post by Sylvander »

1. I boot from an optical disk [CD-RW].

2. Make a pupsave on an ext3 partition on a Flash Drive.
And set this up so it doesn't auto-save during the session .
And gives me the choice "to save or not to save" at shut-down.

3. And copy the pupsave to a folder on an ext3 partition on an internal [10GB] HDD dedicated solely to 6 Puppies.
And I edited a file on the ISO so the pupsave on the HDD is treated as if on a Flash Drive.
And [as with 2 above] set this up so it doesn't auto-save during the session .
And gives me the choice "to save or not to save" at shut-down.

4. And then I make backup copies of the pupsave at key points...
[Like immediately prior to making an important/risky change that will be copied to the pupsave].

5. If I noticed something amiss [%CPU or Xload shooting up to MAX]...
I could:
Power-off.
Or...
Shut-down without saving any changes back to the pupsave.
Only if these failed would I restore a backup/copy of the pupsave.

6. I've never [not that I'm aware of] experienced any problem as a result of running as root....
And never seen anyone report that either.

7. When I say this kind of thing at the PC-Guide forums...
classicsoftware [a Moderator who spends 99% of his time helping people fix their infected Windows] gets angry and attacks me.
And yet I've never been banned. [12,717 posts since 1998]
He ridicules me because I offer Puppy Linux as a solution to various problems experienced by users of Windows.
I NEVER reply to attacks or ridicule.
I only offer solutions to problems.
e.g. See post #7 here.

Post Reply