THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
-rw-r--r--
-rw-r--r--
-rwxr-xr-x
...-rw-r--r--
-rw-r--r--
-rw-r--r--
...-rw-r--r--
-rwxr-xr-x
-rwxr-xr-x
-rwx--x--x
-rw-r--r--
-rwxr-xr-x
-rw-r--r--
-rwxr-xr-x
-rwxr-xr-x
-rwxr-xr-x
-rwxr-xr-x
-rw-r--r--
-rwxr-xr-x
Since you are here...some security tips for your Slackware systems:
FIRST USER - NEW SYSTEM
======
User ID ('UID') [ defaults to next available ]:
? User ID ('UID') [ defaults to next available ]: 12345
(is a good example that crackers will not find it).(Dont start users IDs up to 40000)
2. Dont add user to sudoers group.
You dont need sudo. You dont even need root, but thats a long story...(thats a blasphemy for most Slackers)
Just download xudo someware in your $PATH
and thats all.
Your user if know root password can execute any command need root access.
example: xudo slackpkg update
, xudo ./some.SlackBuild
etc...
To make it even better you can rename xudo to what ever you like, assume wns (WhoNeedSudo) ;)
So lets do it mv /usr/bin/xudo /usr/bin/wns
Now your commands should be: wns slackpkg upgrade-all
, wnd ./some.SlackBuild
, wns ls /root
etc... ;)
Conclusion: cracker dont know your user ID and cant guess it because its not 100?, you are not in sudoers group, you dont have sudo enable and you can even disable root...
Note: that with xudo or what ever you name it, during command is executed you are in full root mode (su -l
) but after finsh you are back in $USER $PATH
;).
3. If you ask, xudo is a fork of ktsuss BUT with lot of patches and since it will never be adopted from Slackware (lol), its not for public view...
If you want to build your own "xudo", download it from .builds/
CLEVER PASSWD
======
(TTLSHIWWYA)
and make it passw like this:
"T+L5?1WwY@"
"rT+L5?1WwY@"
"uT+L5?1WwY@"
SECURITY
======
/boot