[Cialug] Can someone translate for me?

Josh More MoreJ at alliancetechnologies.net
Tue May 3 08:24:14 CDT 2011


For the file Foobar_42_X26LMAQ.tar in the FooBar2.1 directory:

1) Change the permissions so that they are so loose that anyone can do whatever they want.  Note that this step is unnecessary for the rest of the process and serves only to make data leakage and 2nd stage attacks easier.

2) Extract the file and watch the process.



More seriously, if you have to document this, you'd be better off by replacing this with a simple shell script that runs as "extract file".  This would allow you to put a lot of checks in there that are necessary should shouldn't be part of the documentation anyway.  You might also want to make sure that the chmod command is necessary.  I am having trouble coming up with a scenario where it would be.

Josh More | Senior Security Consultant - CISSP, GIAC-GSLC Gold, GIAC-GCIH
Alliance Technologies | www.AllianceTechnologies.net<http://www.AllianceTechnologies.net>
400 Locust St., Suite 840 | Des Moines, IA 50309
515.245.7701 | 888.387.5670 x7701

Blog: Don't just blame the bad guys, it's your fault too
http://www.alliancetechnologies.net/blogs/morej

How are we doing? Let us know here:
http://www.alliancetechnologies.net/forms/alliance-technologies-feedback-survey
________________________________
From: cialug-bounces at cialug.org [cialug-bounces at cialug.org] on behalf of Rob Miller [robarooney at gmail.com]
Sent: Tuesday, May 03, 2011 08:15
To: Central Iowa Linux Users Group
Subject: [Cialug] Can someone translate for me?

Can someone translate this *nix phrase into "instructional English"?  TIA.

In the FooBar2.1 directory:

1.  chmod 777 Foobar_42_X26LMAQ.tar
2.  tar –xvf Foobar_42_X26LMAQ.tar

Would the translation be something like:

1.  Copy the compressed Foobar file (*.tar) to the FooBar2.1 directory.
2.  Set the file permissions using the chmod 777 command.
3.  Extract the compressed contents of the Foobar file (*.tar) using the tar -xvf command.

Again, thanks for the help.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cialug.org/pipermail/cialug/attachments/20110503/559f0bb2/attachment.html>


More information about the Cialug mailing list