[ale] One for systemd haters
DJ-Pfulio
DJPfulio at jdpfu.com
Tue Oct 9 14:29:32 EDT 2018
Some times it is just fun to do a chattr +i to be just a little evil for
noobs ... or to prevent the resolv.conf from being freakin' modified!
There's lots of fun ways to screw with file permissions that aren't
obvious at first glance.
* read-only NFS mount for /var/html/ - web devs LOVE this!
* mount over an existing directory that is full of stuff (flash drive
mounted over someone's HOME is almost always fun.
* abusing ACLs, so everyone except your target has access. ;) "Works for me"
On 10/09/2018 01:31 PM, Jim Kinney wrote:
> security through extra knowledge obscurity....
>
> On Tue, 2018-10-09 at 12:19 -0400, DJ-Pfulio via Ale wrote:
>> Not that anyone cares, but found it on Ubuntu 16.04 ... but not in a directory
>> that would be modified outside the package management.
>>
>> /lib/systemd/system$ ll -- -.slice
>> -rw-r--r-- 1 root root 403 Jul 30 16:39 -.slice
>>
>>
>> If their intent was to make it hard to modify for noobs, they've succeeded.
>>
>>
>>
>> On 10/09/2018 11:10 AM, Lightner, Jeffrey via Ale wrote:
>> Jim followed up saying he saw it on CentOS7. I saw the same "-slice" file on 2 of my RHEL7 systems before I posted. CentOS7 is compiled from RHEL7 sources.
>>
>> Since he didn't see it in Fedora and you don't see it in *Suse15 it may be something that was there in earlier implementations of Systemd that they figured out was a bad idea and got rid of in later ones. RHEL7 (and therefore CentOS7) by design doesn't update to latest and greatest of anything. Fedora on the other hand is bleeding edge.
>>
>>
>> -----Original Message-----
>> From: Ale [mailto:ale-bounces at ale.org <mailto:ale-bounces at ale.org>] On Behalf Of James Taylor via Ale
>> Sent: Tuesday, October 09, 2018 11:05 AM
>> To: Atlanta LinuxEnthusiasts; Jim Kinney
>> Subject: Re: [ale] One for systemd haters
>>
>> Same here. I checked on my openSUSE Leap 15 and SLES15 systems. No files starting with - IS there some special case where it is used?
>> -jt
>>
>>
>>
>> James Taylor
>> 678-697-9420
>> james.taylor at eastcobbgroup.com <mailto:james.taylor at eastcobbgroup.com>
>>
>>
>>
>> Jim Kinney via Ale <ale at ale.org <mailto:ale at ale.org>> 10/9/2018 10:50 AM >>>
>> ????? That is not what I see in my /usr/lib/systemd/system dir.
>> There's
>> exactly 0 files whose name begins with a '-'. That would be beyond dumb. I suspect a faulty distro implementation.
>> Checked on Fedora 28 and CentOS 7.5. No -name files.
>>
>>
>> On Tue, 2018-10-09 at 14:38 +0000, Lightner, Jeffrey via Ale wrote:
>> I just ran across this issue. (Not asking for help since the link
>> solved it – just venting.)
>>
>>
>>
>>
>> https://serverfault.com/questions/844584/why-grep-doesnt-work-in-the-usr-lib-systemd-system-directory
>>
>>
>>
>> What mentally deficient cretin in the Systemd development world
>> decided naming a file with a “-“ as first character was a good idea?
>>
>>
>>
>>
>> This is right up there with Oracle long ago deciding to name things
>> “core” while ignoring the fact most people had cron jobs to find
>> and
>> delete core dump files on a regular basis.
>>
>> P.S. I still generally like Systemd but this filename is a fairly
>> stupid thing to do.
>>
More information about the Ale
mailing list