[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Problem attempting to use xorriso

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thu, Nov 10, 2016 at 07:40:06AM -0600, Richard Owlett wrote:
> On 11/10/2016 5:20 AM, tomas@tuxteam.de wrote:
> >-----BEGIN PGP SIGNED MESSAGE-----
> >Hash: SHA1
> >
> >On Thu, Nov 10, 2016 at 04:53:47AM -0600, Richard Owlett wrote:
> >>On 11/9/2016 5:16 PM, Lisi Reisz wrote:
> >>>On Sunday 06 November 2016 16:47:00 Richard Owlett wrote:
> >>>>[snip]
> >>>>Based on responses to previous posts titled "Trivial script will
> >>>>NOT execute" and "Permissions for an entire PARTITION" I have
> >>>>multiple problems understanding Linux file systems generally.
> >>>
> >>>I imagine you have seen this lot - especially the top three??
> >>>https://www.google.co.uk/search?q=basic+debian+file+system&oq=basic+debian+file+system&aqs=chrome..69i57.7617j0j7&sourceid=chrome&ie=UTF-8
> >>>
> >>>Lisi
> >>
> >>Yes, but not in the context of a sub-project from last few days.
> >>I suspect what I aiming at might look like - the groups and
> >>permission bits set at time partition created, thus avoiding games
> >>with /etc/fstab .
> >>
> >>richard@jessie-defaults:~$
> >>richard@jessie-defaults:~$ ls -l /dev/sd*
> >>brw-rw---- 1 root disk 8,  0 Nov 10 03:35 /dev/sda
> >>brw-rw---- 1 root owl  8,  1 Nov 10 03:35 /dev/sda1
> >>brw-rw-r-- 1 root owl  8,  2 Nov 10 03:35 /dev/sda2
> >>brw-rw---- 1 root disk 8,  3 Nov 10 03:35 /dev/sda3
> >>brw-rw---- 1 root disk 8,  5 Nov 10 03:35 /dev/sda5
> >>brw-rw---- 1 root disk 8, 16 Nov 10 04:43 /dev/sdb
> >>br--rw-r-- 1 root owl  8, 17 Nov 10 04:43 /dev/sdb1
> >
> >Note that with this setting, "you" can thrash whatever is in /dev/sda
> >through /dev/sdb (write access).
> 
> I don't understand.

Hm. Too concise (both of us ;-)

I'll give it a shot. By "you" I meant "user owl, i.e. any program running
under that user". Was that the unclear part?

[...]

> It doesn't "scare" me for a very good reason - the system in
> question has no network capability, let alone internet access. In
> fact the particular laptop had its disk wiped and a fresh install of
> Debian 3 times yesterday.

I know. Just refining some points to keep in mind: not every "malware"
comes "directly" from the Internet. It may be through a malicious
USB stick; it may be that neat Emacs Lisp given to you, it may be
a PostScript file or a PDF, it may be (given suitable vulnerabilities)
a JPEG or a video.

But yeah, I'm all for "keep your eyes open, and whenever you miss
one of your feet, learn from it". I practice that myself :-)

regards
- -- t
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlgkfOsACgkQBcgs9XrR2kYChACeIqPJ6dJcz2JmCosiF4nnPAP4
YwYAnRLlgs0fs3EKdbMLxgelFviXRv4w
=S+f0
-----END PGP SIGNATURE-----
Reply to: