Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Fri 22 Aug 2014, 01:53
All times are UTC - 4
 Forum index » Advanced Topics » Additional Software (PETs, n' stuff) » Browsers and Internet
Browse as user "Spot"
Post new topic   Reply to topic View previous topic :: View next topic
Page 2 of 6 [80 Posts]   Goto page: Previous 1, 2, 3, 4, 5, 6 Next
Author Message
Jasper


Joined: 25 Apr 2010
Posts: 1111
Location: England

PostPosted: Fri 22 Apr 2011, 11:19    Post subject:  

Hi Luluc,

Thank you for your input. However, I apologize as my .mozilla folder is in /mnt/home and my .mozilla folder in root is an absolute link,

I have played with my absolute links without any success and I will amend your code for the different location and try it later today unless, meantime, anyone else has a definite solution.

My regards
Back to top
View user's profile Send private message 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Fri 22 Apr 2011, 11:46    Post subject:  

Yes I need such too. I have the .mozilla on mnt/home and an absolute link to it. Does one need a relative link then?

How does one change the password for spot and what does it have now?

Thanks to L18L

_________________
I use Google Search on Puppy Forum
not an ideal solution though

Last edited by nooby on Fri 22 Apr 2011, 14:12; edited 1 time in total
Back to top
View user's profile Send private message 
L18L

Joined: 19 Jun 2010
Posts: 2505
Location: Burghaslach, Germany somewhere also known as "Hosla"

PostPosted: Fri 22 Apr 2011, 12:24    Post subject:  

nooby wrote:
How does one change the password for spot and what does it have now?

Code:
# passwd spot
Changing password for spot
New password:
Retype password:
Password for spot changed by root
#

Code:
# cat /etc/passwd | grep spot

Cheers
spot since 10 minutes Very Happy

Edited: but more important is to change root's password Exclamation
by simply typing in a console
Code:
passwd
Back to top
View user's profile Send private message 
Bernie_by_the_Sea


Joined: 09 Feb 2011
Posts: 329

PostPosted: Fri 22 Apr 2011, 13:47    Post subject:  

Dillo works under spot in Wary 500.

Code:
# su spot
# whoami
spot
# dillo

Dillo is relatively secure as root but Spot digs the hole deeper to bury his paranoid bones.

_________________
Frugal: Knoppix 6.4.4 DVD
USB: DSL 4.4.10
Full: WinXP Pro
Puppy (Feb. 4 - May 12, 2011) led me back to Linux.
Back to top
View user's profile Send private message 
Luluc


Joined: 16 Mar 2011
Posts: 200

PostPosted: Fri 22 Apr 2011, 16:11    Post subject:  

Dillo is secure to the extreme. No Flash. No Javascript. It can't be hacked.

But it's too much of a sacrifice IMO. It's ugly, renders badly, has no features... Confused
Back to top
View user's profile Send private message 
Jasper


Joined: 25 Apr 2010
Posts: 1111
Location: England

PostPosted: Sat 23 Apr 2011, 08:36    Post subject:  

Hi.

Yesterday I raised a query about add-ons and bookmarks (finally, I "cheated" by reinstalling those I wanted).

However,

if I click my desktop browsesafe icon it loads Firefox, but if I open my console on top of Firefox and then execute "whoami" the answer is always "root" (never "spot" as it presumably should be).

My regards

Addendum and correction:

rcrsn51 in a later post in this thread has kindly explained that Firefox, in this particular case, is actually running as user spot..

01micko has kindly explained in a later post in this thread that the code to use in this particular case is "ps|grep firefox" not "whoami".

--------------------------
However (as now underlined above was originally in large text and was followed in large bold text by the word "disturbingly"). This is now amended since all worked as was intended and nothing was "disturbing" except my faulty understanding.

Last edited by Jasper on Sun 24 Apr 2011, 05:33; edited 1 time in total
Back to top
View user's profile Send private message 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Sat 23 Apr 2011, 08:44    Post subject:  

Jasper you know computers much better than I do so if the following is totally out on the limb take it with a broad smile.

I only try to be logical and that usually fails when I do it.

On top of Firefox. My poor logic says you need to move .mozilla within the Spot directory and start it up there and then as you say on top open a terminal within spot and then ask who am I and it will say Spot Smile

I am wrong most likely but that was what my confused brain came up with Smile

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
rcrsn51


Joined: 05 Sep 2006
Posts: 9039
Location: Stratford, Ontario

PostPosted: Sat 23 Apr 2011, 08:54    Post subject:  

Jasper wrote:
However, disturbingly

Not at all. You are only the user spot in the temporary environment that is running Firefox. Outside of that, you are still root.

This is not like Ubuntu where you can log in as a completely new user.

While you are running your spot-Firefox, download a file and try to save it to /mnt/home or /bin. What happens?
Back to top
View user's profile Send private message 
Jasper


Joined: 25 Apr 2010
Posts: 1111
Location: England

PostPosted: Sat 23 Apr 2011, 09:06    Post subject:  

Hi rcrsn51,

Thank you very much for your encouraging explanation.

My regards
Back to top
View user's profile Send private message 
rcrsn51


Joined: 05 Sep 2006
Posts: 9039
Location: Stratford, Ontario

PostPosted: Sat 23 Apr 2011, 09:15    Post subject:  

rcrsn51 wrote:
While you are running your spot-Firefox, download a file and try to save it to /mnt/home or /bin. What happens?

What happened?
Back to top
View user's profile Send private message 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Sat 23 Apr 2011, 09:20    Post subject:  

And Rcrsn51 can you explain better. Does it mean there is no added security or was this your way to assure that it is safer to run as spot then? I fail to be sure what you say to Jasper.

I agree that it is as you say I only fail to get the implications of that fact.

_________________
I use Google Search on Puppy Forum
not an ideal solution though

Last edited by nooby on Sat 23 Apr 2011, 09:26; edited 1 time in total
Back to top
View user's profile Send private message 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Sat 23 Apr 2011, 09:22    Post subject:  

rcrsn51 wrote:
rcrsn51 wrote:
While you are running your spot-Firefox, download a file and try to save it to /mnt/home or /bin. What happens?

What happened?

As I remember it can only be saved within spot and then I need to start up Rox as root for to get access to it and move it elsewhere.
I tested this with a picture from a site and it ended up in spot and not on mnt/home as I wanted it to be Smile


As I wrote I have tested with other pic and what happened was that I failed to place it outside of Spot. So that is something I like but others say it does not help much due to the criminals know all the tricks something.

But I find it likely it is a bit safer so oklay I will wait for Jasper's answer then Smile

_________________
I use Google Search on Puppy Forum
not an ideal solution though

Last edited by nooby on Sat 23 Apr 2011, 09:36; edited 1 time in total
Back to top
View user's profile Send private message 
rcrsn51


Joined: 05 Sep 2006
Posts: 9039
Location: Stratford, Ontario

PostPosted: Sat 23 Apr 2011, 09:29    Post subject:  

nooby wrote:
And RC can you explain better

Not until Jasper answers my question above. With all due respect, talk is cheap. The only way to resolve issues is with actual physical testing.

Have you tried my suggestion yet?

1. Run a browser as spot.

2. Download this file. DON'T install it!

3. Try to save it to /mnt/home or /bin. What happens?
Back to top
View user's profile Send private message 
rcrsn51


Joined: 05 Sep 2006
Posts: 9039
Location: Stratford, Ontario

PostPosted: Sat 23 Apr 2011, 09:37    Post subject:  

nooby wrote:
I tested this with a picture from a site and it ended up in spot and not on mnt/home as I wanted it to be :)

Exactly. That's because the user spot does not have write permission on /mnt/home. Similarly, a piece of malware could not install itself into a system folder like /bin. However, it could still destroy all your personal files in spot.

Clearly, you don't want to save lots of files in spot because it fills up your savefile. So go to /mnt/home and make a folder called "spot-download". Give its ownership to spot
Code:
chown spot:spot /mnt/home/spot-download

Now you have a better place to download files. Of course, this folder is now theoretically vulnerable to attack.

You could also symlink spot's .mozilla profile into this area because spot has the correct permissions to use it. Or for that matter, you could delete the current spot user and create a new one whose home directory was a subfolder of /mnt/home. I haven't tested this yet.

Last edited by rcrsn51 on Sat 23 Apr 2011, 09:39; edited 1 time in total
Back to top
View user's profile Send private message 
01micko


Joined: 11 Oct 2008
Posts: 7794
Location: qld

PostPosted: Sat 23 Apr 2011, 09:38    Post subject:  

To test if you are browsing as spot run this:
Code:
ps|grep firefox
(replace firefox with seamonkey if required)
_________________
Woof Mailing List | keep the faith Cool |
Back to top
View user's profile Send private message Visit poster's website 
Display posts from previous:   Sort by:   
Page 2 of 6 [80 Posts]   Goto page: Previous 1, 2, 3, 4, 5, 6 Next
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Advanced Topics » Additional Software (PETs, n' stuff) » Browsers and Internet
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0861s ][ Queries: 12 (0.0067s) ][ GZIP on ]