Re: Join the fight against malicious commands given to new users
Cool, I'll add it to my signature.
But why not have a Welcome PM to new users telling them basic info about the forum, like the best way to get support on here, and of course not to execute commands with sudo rm -rf * in it?
Re: Join the fight against malicious commands given to new users
Quote:
Originally Posted by
p_quarles
He probably didn't use sudo, given that you don't need root privileges to delete your own home directory.
granted, but thats not what he said. He said he removed /home
Quote:
$ls -al | grep home
drwxr-xr-x 6 root root 4096 2007-04-07 21:44 home
under home:
]drwxr-xr-x 6 root root 4096 2007-04-07 21:44 .
drwxr-xr-x 21 root root 4096 2007-10-12 18:14 ..
drwxr-xr-x 2 ftp nogroup 4096 2007-03-31 13:48 ftp
drwxrwxr-x 2 root root 4096 2007-04-01 13:11 juan
drwxr-xr-x 22 patty patty 4096 2007-07-08 16:15 patty
drwxr-xr-x 112 toupeiro toupeiro 8192 2007-11-21 11:35 toupeiro
If I did not use sudo, I'd still have a /home directory :)
Re: Join the fight against malicious commands given to new users
Quote:
Originally Posted by
ice60
i think the sticky in the Absolute Beginner forum is rubbish, go and have a look quickly at the stickys and see if sudo rm -rf stands out in a title. i bet you miss it!
http://ubuntuforums.org/forumdisplay.php?f=73
if you highlight
don't sudo rm -rf / in a sticky title then you will see it even if only subconsciously.
if you can make it permanently stay as the first post, just below the stickys if that's possible??, then it will be almost impossible to miss it!
I didn't miss it, it's not there anymore! :(
Threads in Forum : Absolute Beginner Talk
Announcement: ATTENTION ALL USERS: Malicious Commands
Sticky: Quickguide: Installing/upgrading advice to Gutsy
Sticky: The Beginner Team has started
Sticky: Announcement: PMming and/or IMming mods
Sticky: Complete Guide to Installation in Ubuntu
Sticky: Filing Bug Reports Using Launchpad.
Sticky: READ FIRST prior to posting - IMPORTANT links ***PLUS INSTALL METHODS***
Normal Threads
Re: Join the fight against malicious commands given to new users
@toupeiro: Oh, right. /home, not ~ ](*,)
Re: Join the fight against malicious commands given to new users
Quote:
Originally Posted by
toupeiro
So... when your friend typed sudo rm -rf /home/warbird/download Were his files instantly gone, or did sudo stop him, and prompt him to confirm his actions by entering his system password? This step is there for more than one reason :) An operating system can sometimes only be as efficient as the one using it. I'm not saying that to be sarcastic or mean, and I hope this isn't being taken as overly critical, but I'd say he had two chances: 1) before he hit enter, and 2) when he typed his password.
and typing your password in a gui as opposed to a CLI is not really going to save you the step of double-checking yourself.
That sucks that your friend lost so much data, but I'm sure now that he identified what he did and will likely be more careful in the future. Sometimes it takes losing some data to put what you are doing into perspective. I hope this thread and all the autosignatures cut down on that actually happening. I've lost data a few times myself when I didn't intend to, but not without the gain of some education regarding what I did in the process. ;-)
If you think about it, this is likely a symptom of one of the things I find in *nix in general, that you have to type your password to do so much, that a regular Joe becomes lax with it and hands it out like candy, often without even thinking. This isn't a slight against the OS, it's just human nature. Anyone can become careless or complacent through monotony. I don't really think the situation above was indicative of a fault in the command or the manner in which it was used, it's just human nature and it happens in various ways with ALL operating systems and all security schemes...at least in my experience.
Re: Join the fight against malicious commands given to new users
Quote:
Originally Posted by
toupeiro
So... when your friend typed sudo rm -rf /home/warbird/download Were his files instantly gone, or did sudo stop him, and prompt him to confirm his actions by entering his system password? This step is there for more than one reason :) An operating system can sometimes only be as efficient as the one using it. I'm not saying that to be sarcastic or mean, and I hope this isn't being taken as overly critical, but I'd say he had two chances: 1) before he hit enter, and 2) when he typed his password.
and typing your password in a gui as opposed to a CLI is not really going to save you the step of double-checking yourself.
That sucks that your friend lost so much data, but I'm sure now that he identified what he did and will likely be more careful in the future. Sometimes it takes losing some data to put what you are doing into perspective. I hope this thread and all the autosignatures cut down on that actually happening. I've lost data a few times myself when I didn't intend to, but not without the gain of some education regarding what I did in the process. ;-)
If you do several sudo commands within a few minutes only the first one will be prompted for a password.
Re: Join the fight against malicious commands given to new users
Quote:
Originally Posted by
DoubleClicker
If you do several sudo commands within a few minutes only the first one will be prompted for a password.
This is true. Sudo has like a 60 second cache of your credential from the last execution. That is per shell session I believe. Again, if you are careful, you will be fine.
Windows has a similar scenario with its system file directories. In the end, your system is your responsibility. There is a great community of people here to help you, but you have to help yourself too :)
Re: Join the fight against malicious commands given to new users
Good idea!
I am learning the ropes on Ubuntu and feel that as I learn I should help as well - a fair price to pay for using the software imho.
I have changed my sig and I hope it helps!
Re: Join the fight against malicious commands given to new users
You have my support... And now I have a signature.
Re: Join the fight against malicious commands given to new users