[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: <Sigh>

Subject: Re: <Sigh>
From: Damion Yates <nospam [at] rd.bbc.co.uk>
Date: Jan 20 2000 23:15:28 EST
On Thu, 20 Jan 2000, Craig Andrews wrote:

You can jump to the part starting 'AHHHHHHHHHHHH' for the solution, I left
the rest in just incase anyone wanted to see how I think :-)

> A word of warning... DO NOT, UNDER ANY CIRCUMSTANCES, DOWNLOAD linzipv1.tgz
> FROM DOWNLOAD.COM!!!

Far too tempting :)

> Heres why...
>
> I downloaded it, extracted it,

You let it create usr/local/bin in the current directory ?

> and was initially worried by lack of documentation, source, or, in fact,
> anything other than the binary.

I used ldd ./LinZip and strings LinZip | more to check it didn't try and do
anything obvious.

Then setup a guest account and started the app thus:

strace ./LinZip 2>store

Examining store showed me it doing no harm at all, but requiring
/usr/local/bin/.LINzip.conf near the end of the trace before quitting, I got
a pretty pop up window too.

.LINzip.conf is binary format and I wasn't sure what it contained but risked
it anyway. With this in place LinZip started up and worked fine, it really
doesn't look that impressive though, it's requires commandline tools for all
the archive formats it handles, it's abilities are rather limited, it looks
very much 'work in progress' but it did work and was pretty, probably similar
to WinZip.

Plus the fact that I rarely use X anyway.

> Anyway, ran it,
> and was told 'permission
> denied'. Odd, I thought, checked the permissions, and sure enough,
> executable by anyone.

Either the binary you got was infected by some nasty code designed to cause
harm, and possibly try to gain root through known exploits. Or the faults
above and from here on are unrelated and down to another problem.

It certainly behaved fine for me and looking through the help and suchlike
of the app it looks far too much effort for an attempt at the former, so it
would have been somebody else who would have infected this.

> Well, then I tried to do something else, but nothing was responding.

In what sence? Your X server had hung ? I got that at one point from
LinZip, when holding down a mouse button on a help menu. Ctrl-Alt-F1'ing and
back to F7 cleared it I was gonna send a SIGHUP at the process, then kill it
if I was getting nowhere. Once I'd gone back to X just to double check if X
was still hung, I found that LinZip had crashed, but I was able to send a
forceful X kill event at it.

> Logged out, logged in, and couldn't! I can now log in to a console, but not
> in kdm. X simply restarts and presents me with the login prompt again.

If you experienced any problems in X, it is possible that at that moment your
window manager or desktop environment was writing to a vital config file in
${HOME}/.something so some file corruption could have occurred that would
stop you logging in. This is what I suspect is the case, fortunately Linux
unlike windows allows loads of technical methods to trace exactly what is up.
Unfortunately* unlike windows everything is technical and difficult :)

I would create a new user and see if that worked, then copy userdata across
if .profile .gnome_session_blah .Xdefaults and suchline files are broke
then this will cure that.

> I currently have permission to do the following:
>
> Run programs listed under /home/craig, and which already are set to belong
> to me. Thats it.

> I can log in as root OK, and do anything I damn well like, but not with any
> other user.
>
> Now what I want to know is, how do I put this hunk o' junk back to normal,
> and prevent such nasties happening again.
>
> I can't remember, unfortunately, wether I was logged in as me, or su'ed to
> root when running it. As far as I can remember tho', I was only logged in as
> me.

AHHHHHHHHHHHH!!!!!!!!!!!!!!! got it!!!!!!

Ignore everything else :) I've left it there as it might be useful for
someone.

The silly lamers have a tar that removes perms from vital directories!
Somebody really should let download.com and the author know about this.
pants:~$ tar ztfv linzipv1.tgz
drwx------ root/root 0 1999-12-13 07:05 usr/
drwx------ root/root 0 1999-12-13 07:05 usr/local/
drwx------ root/root 0 1999-12-17 02:33 usr/local/bin/
-rw-r--r-- root/root 64 1999-12-13 07:05 usr/local/bin/.LINzip.conf
-rwxr-xr-x root/root 2595239 1999-12-17 02:33 usr/local/bin/LinZip

I'd assumed you were not logged in as root until you mentioned you couldn't
remember. The fact that it requires being run as root from / (asks that on
the website) probably made you su and follow the instructions no?

> Please help quickly, as I have several assignments which need completing as
> soon as poss, in being unable to even look at them is quite unfortunate.

Okay as root type:

chmod 755 /usr /usr/local /usr/local/bin

That should fix everything, I'm pretty sure this will be it.

Damion

--
Damion Yates - Senior Internet Operations Engineer - Internet Services
email: Damion.Yates [at] bbc.co.uk - phone: +44 1737 839510

Start your own FREE mailing list at

&copy; 2000 Microsoft Corporation. All Rights Reserved
Prev by Date: <Sigh>
Next by Date: RE: <Sigh>
Prev by thread: <Sigh>
Next by thread: RE: <Sigh>
Index(es):
- Date
- Thread