[selinux] Fedora in the wild! Or, try out this script kiddie shell.
Robin Lee Powell
rlpowell at digitalkingdom.org
Sat Feb 18 06:52:46 UTC 2012
Erm, I meant "SELinux in the wild!" in the subject. :P
-Robin
On Fri, Feb 17, 2012 at 10:48:15PM -0800, Robin Lee Powell wrote:
> I just discovered, because setroubleshootd was taking up all my CPU
> time :D, that there's a script kiddie console on my webserver, which
> is not only running selinux, but is running it with unconfined
> mostly off.
>
> This amuses me. Not least because it turns out I copied it over
> from my previous server 0.o, so it's been around for years.
>
> I've eliminated the immediate problem, in the form of:
>
> iptables -I INPUT -s 180.76.6.0/24 -j DROP
> iptables -I INPUT -s 180.76.5.0/24 -j DROP
>
> but I invite you all to poke at it:
>
> http://www.lojban.org/story/bok.php
>
> I'm just curious as to whether anyone can get it to do anything
> *remotely* bad, given my configuration. I'd rather you didn't ruin
> the machine (although I could certainly recover), but other than
> that, have at.
>
> -Robin
>
> --
> http://singinst.org/ : Our last, best hope for a fantastic future.
> .i ko na cpedu lo nu stidi vau loi jbopre .i danfu lu na go'i li'u .e
> lu go'i li'u .i ji'a go'i lu na'e go'i li'u .e lu go'i na'i li'u .e
> lu no'e go'i li'u .e lu to'e go'i li'u .e lu lo mamta be do cu sofybakni li'u
> --
> selinux mailing list
> selinux at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux
--
http://singinst.org/ : Our last, best hope for a fantastic future.
.i ko na cpedu lo nu stidi vau loi jbopre .i danfu lu na go'i li'u .e
lu go'i li'u .i ji'a go'i lu na'e go'i li'u .e lu go'i na'i li'u .e
lu no'e go'i li'u .e lu to'e go'i li'u .e lu lo mamta be do cu sofybakni li'u
More information about the selinux
mailing list