Re: [Full-disclosure] New RFID Mailing List Owner 0day

Your script assumes a few things that are not part of a default
Slackware install.

# This script was created for use on Slackware!

exit 5

What is the purpose of the exit status code of 5? Yes, any non-zero
number indicates an error. Common exit codes are 0 (succeeded), 1 (or
any non-zero number, failure), 126 (command found but not executable),
127 (command not found), and 128+N (fatal error where N is the SIGNAL
that caused the exit). An exit status of 5 works, just curious as to
its purpose.

chown root.staff ping

"staff" is not a default group in Slackware. Your script assumes that
it has already been created.

chmod 500 ttysnoop

"ttysnoop" is not installed by Slackware.

chmod 600 inetd.conf

It would also be a good idea to remove the execute permissions from
/etc/rc.d/rc.inetd and any other service in /etc/rc.d that isn't
needed. Restricting the read permissions of the contents of that
directory is also a good idea.

cp /root/slack/syslog.conf /etc

The file, "/root/slack/syslog.conf" does not exist by default in Slackware.

# Tighten up the log file perms now
cd /var/log
chmod 600 syslog log.auth log.cron log.daemon log.kern log.mail
log.mark log.syslog
chmod 600 log.user messages ftp.log secure.log
chown root.wheel syslog log.auth log.cron log.daemon log.kern
log.mail log.mark log.syslog
chown root.wheel log.user messages ftp.log secure.log

Most of these files do not exist by default. I'll assume that they
are the product of your custom syslog.conf.

echo "MAKE SURE YOU ADD USERS THAT YOU WANT TO BE ABLE TO SU TO
ROOT"
echo "TO THE ROOT AND WHEEL GROUPS OR THEY WON'T BE ABLE TO!!!!!!."

There is nothing in a default Slackware install that will restrict the
use of the "su" command. Slackware does not use PAM. The
"/etc/suauth" file does not exist by default.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Relevant Pages

  • Re: [slrn] Slackware package 0.9.9-69
    ... works well enough but is not exactly elegant: ... Like a dog at a bone, as my wife constantly accuses me, I pursued the ... Slackware 12 is cursed with this small problem. ... BTW thanks again for the steer on the PV SlackBuild script for the ...
    (news.software.readers)
  • RE: [Info-ingres] Starting Ingres at boot time
    ... Thanks Mike and thanks to everyone who posted. ... I am running 3.0.2 on Slackware 10.1. ... Attached is the /etc/init.d/ingresII script that is created during an RPM ... install on RedHat or SuSE. ...
    (comp.databases.ingres)
  • Re: bash question
    ... > Paul is not familiar with slackware. ... Show the script if necessary. ... echo "| $NAME-$VERSION |" ... # Replace a couple icons with better looking icons. ...
    (comp.os.linux.misc)
  • Re: DVD burner mounting problems: not a block device
    ... Slackware uses a BSD-style init. ... out which script that is and modify that one. ... inittab is the configuration file for /sbin/init, ... right place--varies with distro, and I've never used Slack, so I don't ...
    (comp.os.linux.hardware)
  • Re: CDEBUGFLAGS versus CFLAGS
    ... >using a Slackware build script as my starting point. ... why is the script using CDEBUGFLAGS instead of CFLAGS? ...
    (comp.os.linux.x)