[ale] Sunday 05-22-05 6PM RUN-AS-ROOT CHALLENGE

ChangingLINKS.com groups at ChangingLINKS.com
Fri May 20 02:43:00 EDT 2005


> > What does the script do?
> >
> > root at 34[etc]# cat eth0down
> > #!/bin/sh
> > /sbin/ifconfig eth0 down
>
> So?  You'll be using the box sometime.  If this is your plan for the
> test, to provide ip and password, then shutdown your network, what kind
> of test is that?

No. That was not my plan, I was just illustrating a security feature.

You mention that I will bring up the box in the future. But, I think you 
forgot that (like Bob Toxen) I would restore (and clean) the system after you 
finished the challenge and then use my "daily use" security features. 
You would never get that call.

I think people are forgetting that the challenge was designed to set up an 
extreme case - and that I don't do the things mentioned there habitually.
In order to exploit my run-as-root setup, you would still have to get through 
the firewalls, etc. If that were easy, someone would have simply done it.



> I won't do any of the above.  As I noted in a previous email, repost
> your system issues and when I have time, I'll see what I can do to
> assist.  I'm on this list to learn and share what I learn.

First, you accept. 
Then, you forfeit.
No one will replace you. Everyone else started backpeddling long ago.
OK. Not that it means much, but I will consider that a "win."





> Then you give me entirely too much credit and no where near enough to
> others on this list.

I guess so. I really didn't think that you would back out on the agreement.
-- 
Wishing you Happiness, Joy, and Laughter,
Drew Brown
http://www.ChangingLINKS.com



More information about the Ale mailing list