Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Tue 22 Jul 2014, 15:54
All times are UTC - 4
 Forum index » Off-Topic Area » Security
The Ultimate Solution for running as root
Post new topic   Reply to topic View previous topic :: View next topic
Page 2 of 4 [47 Posts]   Goto page: Previous 1, 2, 3, 4 Next
Author Message
magerlab

Joined: 08 Jul 2007
Posts: 731

PostPosted: Mon 23 Nov 2009, 07:20    Post subject:  

how about a TFP pupplet ?
A pupplet for Tin foil hats

_________________
skype: desafimager
Back to top
View user's profile Send private message 
sikpuppy


Joined: 29 Mar 2009
Posts: 433

PostPosted: Mon 23 Nov 2009, 07:31    Post subject:  

How about PoundPuppy. This is a puplet I am designing.

It's a Puplet with no networking, no Firewire, no USB, no WiFi, no browsers, no chat, no email, no hard drives, no floppies, totally locked down with SElinux and 10 firewalls, 5 antivirus suites, 64 character password length enforcement, hourly password change enforcement, shut down after 30 seconds inactivity, lock CD drive while in Puppy.

Oh and no music, videos, documents, games, graphics, fun, keyboard, mouse and no monitor. No sound at all. Definitely no printers.

Basically you have to wait until the cd stops spinning. You know it's probably booted then and ready for the safest computing experience ever.

_________________
ASUS A1000, 800Mhz PIII Coppermine!, 192Mb RAM, 10Gb IBM Travelstar HDD, Build date August 2001.
Back to top
View user's profile Send private message MSN Messenger 
aragon

Joined: 15 Oct 2007
Posts: 1698
Location: Germany

PostPosted: Tue 24 Nov 2009, 08:59    Post subject:  

i think secure hw is much better than secure sw



aragon

_________________
PUPPY SEARCH: http://wellminded.com/puppy/pupsearch.html
Back to top
View user's profile Send private message 
Bruce B


Joined: 18 May 2005
Posts: 11080
Location: The Peoples Republic of California

PostPosted: Fri 11 Mar 2011, 00:32    Post subject:  

My current machine is worth, if I'm lucky about $90

If I downloaded Ubuntu and burned it to an opitical disk, the disk costs me
about 35 cents.

Considering I already have Linux partitions and GRUB, and a fairly fast
machine, the basic install would take about 1/2 an hour.

Then another hour or so adding packages from the repository.

Ubuntu protects me from things I don't need protection from. The setup
disk is in my room. The respository is still available.

It doesn't protect me from what I need protection from, namely my user
files.

I am the administrator of my $90 machine. This is the default, nobody
else to do the job.

As the admin, I backup my user files and configuration tweaks to a
separate device.

If the system goes bonkers on me, I would be wasting time if I spent
more time trying to fix it, than it would take to insert the install disk and
reinstall it the system.

~

Sometimes it pays to use yer noggin

_________________
New! Puppy Linux Links Page
Back to top
View user's profile Send private message 
Sylvander

Joined: 15 Dec 2008
Posts: 3399
Location: West Lothian, Scotland, UK

PostPosted: Fri 11 Mar 2011, 05:54    Post subject:  

1. I boot from an optical disk [CD-RW].

2. Make a pupsave on an ext3 partition on a Flash Drive.
And set this up so it doesn't auto-save during the session [I can save manually].
And gives me the choice "to save or not to save" at shut-down.

3. And copy the pupsave to a folder on an ext3 partition on an internal [10GB] HDD dedicated solely to 6 Puppies.
And I edited a file on the ISO so the pupsave on the HDD is treated as if on a Flash Drive.
And [as with 2 above] set this up so it doesn't auto-save during the session [I can save manually].
And gives me the choice "to save or not to save" at shut-down.

4. And then I make backup copies of the pupsave at key points...
[Like immediately prior to making an important/risky change that will be copied to the pupsave].

5. If I noticed something amiss [%CPU or Xload shooting up to MAX]...
I could:
Power-off.
Or...
Shut-down without saving any changes back to the pupsave.
Only if these failed would I restore a backup/copy of the pupsave.

6. I've never [not that I'm aware of] experienced any problem as a result of running as root....
And never seen anyone report that either.

7. When I say this kind of thing at the PC-Guide forums...
classicsoftware [a Moderator who spends 99% of his time helping people fix their infected Windows] gets angry and attacks me.
And yet I've never been banned. [12,717 posts since 1998]
He ridicules me because I offer Puppy Linux as a solution to various problems experienced by users of Windows.
I NEVER reply to attacks or ridicule.
I only offer solutions to problems.
e.g. See post #7 here.
Back to top
View user's profile Send private message 
Bruce B


Joined: 18 May 2005
Posts: 11080
Location: The Peoples Republic of California

PostPosted: Fri 11 Mar 2011, 06:08    Post subject:  

Sylvander wrote:

6. I've never [not that I'm aware of] experienced any problem as a result of running as root....
And never seen anyone report that either.


I have an unsubstantiated report that a Puppy user sprained an eyelash
while running as root. (just kidding, don't worry).

~

_________________
New! Puppy Linux Links Page
Back to top
View user's profile Send private message 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Fri 11 Mar 2011, 10:39    Post subject:  

Quote:
6. I've never... seen anyone report that either.


Well I have but only once a year or so. I mention two of them.

One was a kind of drive by. He joined and told he had been attacked when using puppy and then gave some info but did not give us more info when we wanted to find out what could have happened to him.

So the thread just died out. Could that have been one year ago maybe?

Then we had the guy that got crossed over another puppy user and they started to fight each other verbally here in the forum but it had started on teh puppy chat help which I am not active on so I have no recall what on earth made them so upset over each other. But both of them did confirm that the other had hacked himself into the others computer and that him had take measure to stop these attacks and claimed him succeed which the other promised to break soon enough and then I lost track of their fights.

I sent a PM to some regular user of puppy forum and asked for more info what was going on but I received no answer. So I trust that those that know puppy from inside out they can do it any time.

But usually the standard criminals on the internet concentrate on the more common distros to get volume I guess. Too few use Puppy to be interesting for them to exploit I hope.

Don't you guys remember that debacle some years ago. 2009 or was it early 2010 or even 2008?

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
dejan555


Joined: 30 Nov 2008
Posts: 2646
Location: Montenegro

PostPosted: Fri 11 Mar 2011, 11:05    Post subject:  

nooby wrote:

Then we had the guy that got crossed over another puppy user and they started to fight each other verbally here in the forum but it had started on teh puppy chat help which I am not active on so I have no recall what on earth made them so upset over each other.


Yes it was between WireWulf and pc Retro<3 but aparently WireWulf has already given him certain access to his PC.
http://www.murga-linux.com/puppy/viewtopic.php?t=54257

_________________


Back to top
View user's profile Send private message Visit poster's website MSN Messenger 
Sylvander

Joined: 15 Dec 2008
Posts: 3399
Location: West Lothian, Scotland, UK

PostPosted: Fri 11 Mar 2011, 11:16    Post subject:  

1. "Well I have....I mention two of them"
In my view, neither of those count because...
(a) The 1st was never confirmed, right?
Only confirmed examples should be counted.

(b) In the 2nd case, access was GIVEN, so that isn't a lack of Puppy security, it's a lack of USER security.
Back to top
View user's profile Send private message 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Fri 11 Mar 2011, 15:08    Post subject:  

Guys I do apology, I missed the part of that him gave him permission first.

Did he give that despite him knowing it would be abused or what? Did he get tricked into it or what?

Gave access how?

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Fri 11 Mar 2011, 15:12    Post subject:  

Thanks for the link that was the one I talked about yes!

But if one read what 8-bit write

Quote:
WIreWulf should NOT be banned from the IRC because of your attempt to hack outside of the directory containing the file he was offering you.
You. pc Retro<3, same as admitted you were trying to access directories outside of the one offering the file.
WireWulf tries to help you out and this is the thanks he gets?

This raises a major caution flag for me to NEVER offer you access to any file on my PC.
And I don't care if that pisses you off, because you cannot ban me from your IRC as I am not a member.

Also, admitting that you were trying to hack into someones computer says a lot about the kind of person you are.

http://www.murga-linux.com/puppy/viewtopic.php?p=408333#408333

I mean is it really as clear cut fault of the other. He did not approve of it did he?

So could you explain what was going on so I understand it. How can one protect against such mean actions by others?

Edit, I guess it is obvious that I fail to get what went on but none explained it on my Nooby level either so it was very scary to read it.

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
dawg

Joined: 09 Aug 2009
Posts: 113
Location: still here

PostPosted: Fri 11 Mar 2011, 17:26    Post subject:  

I'm pretty sure others have said it before (I only come here occasionally, so I can't really know), but while the thread is alive...
I understand why running as root shouldn't be a big deal, but let me share a couple of points for Not wanting to run as root:

(1) - Imagine you have a single computer in a household populated by more than 1 person, all sharing that same computer, young kids and/or other computer-nonproficient and possibly naughty users included.
- The computer has a harddrive where a bunch of each user's stuff that doesn't fit on USB flash drives (videos, music...) is stored that none of the users wants screwed with by the rest of the users.
- Running as root will allow screwing with the said files by anyone (else) in the household, whereas having multiple users added to the system and proper access permissions set for each user's files who can then login separately, will not.
- This is one major point against running as root, even if everybody in the household loves Puppy otherwise. Smile

(2) - Even as the single user of a computer, if one isn't the most cautious or "lucid" computer user at all times, things can get screwed up, and maybe even rootkits or exploits caught which can then progress to the root system and hijack it or do other naughty things to it (and everyone's files).
- Nevermind having more people (kids) use the computer - the chances of such a thing happening rise heavily.


I hope this helps everyone understand eachother better.
Feel free to copy/paste these, and even add more points if I missed any Wink
Back to top
View user's profile Send private message 
ICQ Number 
puppyluvr


Joined: 06 Jan 2008
Posts: 3182
Location: Chickasha Oklahoma

PostPosted: Sat 12 Mar 2011, 02:03    Post subject:  

Very Happy Hello,
Put the stuff you care about in a hidden directory called "system" and it will be safe...LOL...If you are really concerned, bury it in /ect or /opt...above root..
If you are REALLY concerned.....separate save files...
IE..Public, and
Touch it and die....

_________________
Close the Windows, and open your eyes, to a whole new world
http://puppylinuxstuff.meownplanet.net/puppyluvr/
Puppy Linux Users Group on Facebook

Puppy since 2.15CE...
Back to top
View user's profile Send private message Visit poster's website 
8-bit


Joined: 03 Apr 2007
Posts: 3355
Location: Oregon

PostPosted: Sat 12 Mar 2011, 04:07    Post subject:  

How about creating a password protected, encrypted pupsave file for each user?
Since the base SFS file is relatively safe from modification, that just might work on a PC with multiple users.
Back to top
View user's profile Send private message 
Flash
Official Dog Handler


Joined: 04 May 2005
Posts: 10927
Location: Arizona USA

PostPosted: Sat 12 Mar 2011, 08:51    Post subject:  

Even if it is encrypted, a save file on a shared hard disk could be deleted. How about everyone has their own multisession CD or DVD? When they're done using the computer, they remove their DVD and put it in a safe place.
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 2 of 4 [47 Posts]   Goto page: Previous 1, 2, 3, 4 Next
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0961s ][ Queries: 12 (0.0091s) ][ GZIP on ]