Page 11 of 20 FirstFirst ... 910111213 ... LastLast
Results 101 to 110 of 193

Thread: Join the fight against malicious commands given to new users

  1. #101
    Join Date
    Jul 2007
    Location
    Tempe, Arizona
    Beans
    409
    Distro
    Ubuntu 9.10 Karmic Koala

    Re: Join the fight against malicious commands given to new users

    Cool, I'll add it to my signature.

    But why not have a Welcome PM to new users telling them basic info about the forum, like the best way to get support on here, and of course not to execute commands with sudo rm -rf * in it?

  2. #102
    Join Date
    Jan 2007
    Location
    Houston, TX
    Beans
    Hidden!
    Distro
    Ubuntu Development Release

    Re: Join the fight against malicious commands given to new users

    Quote Originally Posted by p_quarles View Post
    He probably didn't use sudo, given that you don't need root privileges to delete your own home directory.
    granted, but thats not what he said. He said he removed /home


    $ls -al | grep home
    drwxr-xr-x 6 root root 4096 2007-04-07 21:44 home

    under home:

    ]drwxr-xr-x 6 root root 4096 2007-04-07 21:44 .
    drwxr-xr-x 21 root root 4096 2007-10-12 18:14 ..
    drwxr-xr-x 2 ftp nogroup 4096 2007-03-31 13:48 ftp
    drwxrwxr-x 2 root root 4096 2007-04-01 13:11 juan
    drwxr-xr-x 22 patty patty 4096 2007-07-08 16:15 patty
    drwxr-xr-x 112 toupeiro toupeiro 8192 2007-11-21 11:35 toupeiro
    If I did not use sudo, I'd still have a /home directory
    Last edited by toupeiro; November 21st, 2007 at 09:36 PM.
    "Its easy to come up with new ideas, the hard part is letting go of what worked for you two years ago, but will soon be out of date." -Roger von Oech

  3. #103
    Bruce M. is offline Chocolate Ubuntu Mocha Blend
    Join Date
    Sep 2007
    Beans
    Hidden!

    Re: Join the fight against malicious commands given to new users

    Quote Originally Posted by ice60 View Post
    i think the sticky in the Absolute Beginner forum is rubbish, go and have a look quickly at the stickys and see if sudo rm -rf stands out in a title. i bet you miss it!
    http://ubuntuforums.org/forumdisplay.php?f=73

    if you highlight don't sudo rm -rf / in a sticky title then you will see it even if only subconsciously.

    if you can make it permanently stay as the first post, just below the stickys if that's possible??, then it will be almost impossible to miss it!
    I didn't miss it, it's not there anymore!

    Threads in Forum : Absolute Beginner Talk
    Announcement: ATTENTION ALL USERS: Malicious Commands
    Sticky: Quickguide: Installing/upgrading advice to Gutsy
    Sticky: The Beginner Team has started
    Sticky: Announcement: PMming and/or IMming mods
    Sticky: Complete Guide to Installation in Ubuntu
    Sticky: Filing Bug Reports Using Launchpad.
    Sticky: READ FIRST prior to posting - IMPORTANT links ***PLUS INSTALL METHODS***
    Normal Threads

  4. #104
    Join Date
    May 2007
    Beans
    7,032
    Distro
    Ubuntu 9.10 Karmic Koala

    Re: Join the fight against malicious commands given to new users

    @toupeiro: Oh, right. /home, not ~
    I am aware of all internet traditions. | Getting the best help | Text formatting codes | My last.fm profile
    Should I PM support questions? NO!

  5. #105
    Join Date
    Nov 2007
    Beans
    73
    Distro
    Ubuntu 7.10 Gutsy Gibbon

    Re: Join the fight against malicious commands given to new users

    Quote Originally Posted by toupeiro View Post
    So... when your friend typed sudo rm -rf /home/warbird/download Were his files instantly gone, or did sudo stop him, and prompt him to confirm his actions by entering his system password? This step is there for more than one reason An operating system can sometimes only be as efficient as the one using it. I'm not saying that to be sarcastic or mean, and I hope this isn't being taken as overly critical, but I'd say he had two chances: 1) before he hit enter, and 2) when he typed his password.

    and typing your password in a gui as opposed to a CLI is not really going to save you the step of double-checking yourself.

    That sucks that your friend lost so much data, but I'm sure now that he identified what he did and will likely be more careful in the future. Sometimes it takes losing some data to put what you are doing into perspective. I hope this thread and all the autosignatures cut down on that actually happening. I've lost data a few times myself when I didn't intend to, but not without the gain of some education regarding what I did in the process.
    If you think about it, this is likely a symptom of one of the things I find in *nix in general, that you have to type your password to do so much, that a regular Joe becomes lax with it and hands it out like candy, often without even thinking. This isn't a slight against the OS, it's just human nature. Anyone can become careless or complacent through monotony. I don't really think the situation above was indicative of a fault in the command or the manner in which it was used, it's just human nature and it happens in various ways with ALL operating systems and all security schemes...at least in my experience.
    NEVER use a command given to you before asking and knowing exactly what it does. Make sure you know what it is that you're telling your system to do before doing it; some commands can be very harmful to your system or leave you vulnerable to attack.

  6. #106
    Join Date
    Apr 2006
    Beans
    Hidden!
    Distro
    Ubuntu 13.04 Raring Ringtail

    Re: Join the fight against malicious commands given to new users

    Quote Originally Posted by toupeiro View Post
    So... when your friend typed sudo rm -rf /home/warbird/download Were his files instantly gone, or did sudo stop him, and prompt him to confirm his actions by entering his system password? This step is there for more than one reason An operating system can sometimes only be as efficient as the one using it. I'm not saying that to be sarcastic or mean, and I hope this isn't being taken as overly critical, but I'd say he had two chances: 1) before he hit enter, and 2) when he typed his password.

    and typing your password in a gui as opposed to a CLI is not really going to save you the step of double-checking yourself.

    That sucks that your friend lost so much data, but I'm sure now that he identified what he did and will likely be more careful in the future. Sometimes it takes losing some data to put what you are doing into perspective. I hope this thread and all the autosignatures cut down on that actually happening. I've lost data a few times myself when I didn't intend to, but not without the gain of some education regarding what I did in the process.
    If you do several sudo commands within a few minutes only the first one will be prompted for a password.

  7. #107
    Join Date
    Jan 2007
    Location
    Houston, TX
    Beans
    Hidden!
    Distro
    Ubuntu Development Release

    Re: Join the fight against malicious commands given to new users

    Quote Originally Posted by DoubleClicker View Post
    If you do several sudo commands within a few minutes only the first one will be prompted for a password.
    This is true. Sudo has like a 60 second cache of your credential from the last execution. That is per shell session I believe. Again, if you are careful, you will be fine.

    Windows has a similar scenario with its system file directories. In the end, your system is your responsibility. There is a great community of people here to help you, but you have to help yourself too
    Last edited by toupeiro; November 21st, 2007 at 10:03 PM.
    "Its easy to come up with new ideas, the hard part is letting go of what worked for you two years ago, but will soon be out of date." -Roger von Oech

  8. #108
    Join Date
    Aug 2007
    Location
    Earth Bound Misfit
    Beans
    29
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: Join the fight against malicious commands given to new users

    Good idea!

    I am learning the ropes on Ubuntu and feel that as I learn I should help as well - a fair price to pay for using the software imho.

    I have changed my sig and I hope it helps!
    If someone asks you to sudo rm -rf anything, don't do it, and don't run any command with rm in it unless you know exactly what you're doing!
    Click here to read more
    Another happy Ubuntu user since 7.10 Gutsy Gibbon.

  9. #109
    Join Date
    Aug 2007
    Location
    NY, United States
    Beans
    169
    Distro
    Ubuntu 11.04 Natty Narwhal

    Re: Join the fight against malicious commands given to new users

    You have my support... And now I have a signature.
    Acer Aspire 5050-5554 w/ 4GB RAM upgrade. Ubuntu Aug 07 - Dec 08; Arch Linux Dec 08 - July 2011; Ubuntu again since July 2011.
    "Triclops": Home-built AMD Athlon II X2 250, 4GB RAM, Radeon 6570, 500GB HDD. Ubuntu/Windows-XP duo since Jun 2010.

  10. #110
    Join Date
    May 2007
    Beans
    1,383
    Distro
    Ubuntu

    Re: Join the fight against malicious commands given to new users

    Added
    The best in life is free

Page 11 of 20 FirstFirst ... 910111213 ... LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •