Re: Missing OS2008 cmdline apps (was Re: how to install OS2007?)
On Thu, Jan 10, 2008 at 03:32:51AM +0100, sebastian maemo wrote: Dear Marius: 2007/12/29, Marius Gedminas [EMAIL PROTECTED]: So, what command-line tools do you miss? I've got an idle scratchbox here. Could you please make a deb package for aircrack-ng for 770? If it's a simple matter of recompiling a source package, then yes, sure. If you tell me where to find the source package. Regards, Marius Gedminas -- This sentence does in fact not have the property it claims not to have. signature.asc Description: Digital signature ___ maemo-users mailing list maemo-users@maemo.org https://lists.maemo.org/mailman/listinfo/maemo-users
Re: Missing OS2008 cmdline apps (was Re: how to install OS2007?)
Dear Marius: 2007/12/29, Marius Gedminas [EMAIL PROTECTED]: So, what command-line tools do you miss? I've got an idle scratchbox here. Could you please make a deb package for aircrack-ng for 770? Thank you very much in advance. Salut, Sebas. ___ maemo-users mailing list maemo-users@maemo.org https://lists.maemo.org/mailman/listinfo/maemo-users
Re: Missing OS2008 cmdline apps (was Re: how to install OS2007?)
On Wednesday 02 January 2008 06:07:47 Marius Gedminas wrote: On Tue, Jan 01, 2008 at 11:42:01PM -0800, James Sparenberg wrote: Hendrik, Actually ping requires root on all systems. Since in order to do icmp you need to put the nic into a different mode than it runs in normally. The way it is normally done on every other linux distro is to do (as root) chmod u+s /usr/bin/ping (or /bin/ping on busybox enabled systems) This will, yes, set ping as setuid root. If you look at any other Linux you see that they all run ping setuid root. If you do that with /bin/ping on busybox-enabled systems, it will set *all* busybox utils (including /bin/sh) setuid root. Gun. Foot. Safety off. Good luck, Marius Gedminas Marius, Yes it would seem so, and I expected it to happen, but if you do chmod u+s /bin/ping ... a normal user can run ping. But then if you turn around and do (after the chmod) cat /etc/sudoers As an unprivileged user ... it will give you a permission denied. (normal reaction) Then I walk over to my debian system and run chmod u+s /bin/cat Now on my debian system cat allows me to cat /etc/sudoers Normally an unprivileged user cannot cat /etc/sudoers. Running through the entire list of apps in /bin linked to busybox shows the same result. Only ping is setuid root. Conversly if I do chmod u-s /bin/ping (removing setuid) chmod u+s /bin/cat (setting setuid) cat can cat /etc/sudoers and a normal user cannot ping. James ___ maemo-users mailing list maemo-users@maemo.org https://lists.maemo.org/mailman/listinfo/maemo-users
Re: Missing OS2008 cmdline apps (was Re: how to install OS2007?)
Hi, ext Marius Gedminas wrote: On Thu, Dec 27, 2007 at 04:43:51PM +0100, Zoran Kolic wrote: If you're a new user, I'd forget O7 and go directly to 08. There's enough 08 stuff for a new user that you'll spend a week or more exploring all that's available, and by then, even more stuff will be available. A lot of useful command line tools have gone to the mist. Hope the same will not get perl, python, ruby... So, what command-line tools do you miss? I've got an idle scratchbox here. The best place for the command line tools is this: http://maemo.org/development/tools/ For ping, I think best solution would be to take it out of Busybox and provide it as a separate package (including ping6) in the tools repo. This is discussed in following Busybox feature requests: https://bugs.maemo.org/show_bug.cgi?id=419 https://bugs.maemo.org/show_bug.cgi?id=700 - Eero ___ maemo-users mailing list maemo-users@maemo.org https://lists.maemo.org/mailman/listinfo/maemo-users
Re: Missing OS2008 cmdline apps (was Re: how to install OS2007?)
On Tue, Jan 01, 2008 at 11:42:01PM -0800, James Sparenberg wrote: Hendrik, Actually ping requires root on all systems. Since in order to do icmp you need to put the nic into a different mode than it runs in normally. The way it is normally done on every other linux distro is to do (as root) chmod u+s /usr/bin/ping (or /bin/ping on busybox enabled systems) This will, yes, set ping as setuid root. If you look at any other Linux you see that they all run ping setuid root. If you do that with /bin/ping on busybox-enabled systems, it will set *all* busybox utils (including /bin/sh) setuid root. Gun. Foot. Safety off. Good luck, Marius Gedminas -- Sufficiently advanced incompetence is indistinguishable from malice. -- David Sawford signature.asc Description: Digital signature ___ maemo-users mailing list maemo-users@maemo.org https://lists.maemo.org/mailman/listinfo/maemo-users
Re: Missing OS2008 cmdline apps (was Re: how to install OS2007?)
On Sunday 30 December 2007 06:50:05 am [EMAIL PROTECTED] wrote: On Sat, Dec 29, 2007 at 07:23:15PM -0500, James Knott wrote: Peter Flynn wrote: Marius Gedminas wrote: On Thu, Dec 27, 2007 at 04:43:51PM +0100, Zoran Kolic wrote: If you're a new user, I'd forget O7 and go directly to 08. There's enough 08 stuff for a new user that you'll spend a week or more exploring all that's available, and by then, even more stuff will be available. A lot of useful command line tools have gone to the mist. Hope the same will not get perl, python, ruby... So, what command-line tools do you miss? I've got an idle scratchbox here. ping and traceroute would be useful. Ping is there, but you have to be root to use it. That's bizarre. What security implications are there in ping that would mean it has to be run only by root? Forcing people to use root when not necessary is itself a security problem. -- hendrik Hendrik, Actually ping requires root on all systems. Since in order to do icmp you need to put the nic into a different mode than it runs in normally. The way it is normally done on every other linux distro is to do (as root) chmod u+s /usr/bin/ping (or /bin/ping on busybox enabled systems) This will, yes, set ping as setuid root. If you look at any other Linux you see that they all run ping setuid root. James ___ maemo-users mailing list maemo-users@maemo.org https://lists.maemo.org/mailman/listinfo/maemo-users
Re: Missing OS2008 cmdline apps (was Re: how to install OS2007?)
On Sunday 30 December 2007 08:10:39 am Peter Flynn wrote: Tuomas Kulve wrote: [EMAIL PROTECTED] wrote: That's bizarre. What security implications are there in ping that would mean it has to be run only by root? Forcing people to use root when not necessary is itself a security problem. Ping seems to be setuid root on my debian. So it's run as root here too. That's because 'debianite' is an anagram of 'anal-retentive' (well, it's not, but it ought to be :-) A Debian contributor once told me that all utilities which access the network should be root-privileged because otherwise they would allow ordinary users to know of (or detect) the existence of other machines, which might be a security breach. ///Peter Peter don't believe everything they tell you. They tend to blow their fair share of sunshine *grin* But seriously. Even Debian has to run it setuid root. As in order to ping you have to modify the nic's run mode. James ___ maemo-users mailing list maemo-users@maemo.org https://lists.maemo.org/mailman/listinfo/maemo-users
Re: Missing OS2008 cmdline apps (was Re: how to install OS2007?)
[EMAIL PROTECTED] wrote: That's bizarre. What security implications are there in ping that would mean it has to be run only by root? Forcing people to use root when not necessary is itself a security problem. Ping seems to be setuid root on my debian. So it's run as root here too. -- Tuomas signature.asc Description: OpenPGP digital signature ___ maemo-users mailing list maemo-users@maemo.org https://lists.maemo.org/mailman/listinfo/maemo-users
Re: Missing OS2008 cmdline apps (was Re: how to install OS2007?)
I've built some today (less, links, mc, wget; made vim actually installable). I don't have upload privileges to maemo extras yet, so you can find them only at http://mg.pov.lt/770/ ... Marius Gedminas Hi Marius, thanks for providing mc. That makes remote working on the device much more convenient (at least for me ;-) Happy new year to you and the community Best regards Krischan ___ maemo-users mailing list maemo-users@maemo.org https://lists.maemo.org/mailman/listinfo/maemo-users
Re: Missing OS2008 cmdline apps (was Re: how to install OS2007?)
Tuomas Kulve wrote: [EMAIL PROTECTED] wrote: That's bizarre. What security implications are there in ping that would mean it has to be run only by root? Forcing people to use root when not necessary is itself a security problem. Ping seems to be setuid root on my debian. So it's run as root here too. That's because 'debianite' is an anagram of 'anal-retentive' (well, it's not, but it ought to be :-) A Debian contributor once told me that all utilities which access the network should be root-privileged because otherwise they would allow ordinary users to know of (or detect) the existence of other machines, which might be a security breach. ///Peter ___ maemo-users mailing list maemo-users@maemo.org https://lists.maemo.org/mailman/listinfo/maemo-users
Re: Missing OS2008 cmdline apps (was Re: how to install OS2007?)
On Sun, Dec 30, 2007 at 05:03:42PM +0200, Tuomas Kulve wrote: [EMAIL PROTECTED] wrote: That's bizarre. What security implications are there in ping that would mean it has to be run only by root? Forcing people to use root when not necessary is itself a security problem. Ping seems to be setuid root on my debian. So it's run as root here too. There's a big difference between setuid root ahd having to be root. I presume ping can handle its own security issues and ping properly and unobjectionably. But if I have to become root before executing ping, there's a whole load of trouble I can get into by forgetting the stop being root after I've run ping. Not to mention that I might be a know-little user who can't be trusted with full root access. Who might know just enough to get into serious trouble but not enough not to. -- hendrik ___ maemo-users mailing list maemo-users@maemo.org https://lists.maemo.org/mailman/listinfo/maemo-users
Re: Missing OS2008 cmdline apps (was Re: how to install OS2007?)
Marius Gedminas wrote: On Thu, Dec 27, 2007 at 04:43:51PM +0100, Zoran Kolic wrote: If you're a new user, I'd forget O7 and go directly to 08. There's enough 08 stuff for a new user that you'll spend a week or more exploring all that's available, and by then, even more stuff will be available. A lot of useful command line tools have gone to the mist. Hope the same will not get perl, python, ruby... So, what command-line tools do you miss? I've got an idle scratchbox here. ping and traceroute would be useful. ///Peter ___ maemo-users mailing list maemo-users@maemo.org https://lists.maemo.org/mailman/listinfo/maemo-users
Re: Missing OS2008 cmdline apps (was Re: how to install OS2007?)
A lot of useful command line tools have gone to the mist. Hope the same will not get perl, python, ruby... So, what command-line tools do you miss? I've got an idle scratchbox here. None. I still have my 770 and it works fine. I made a mistake and said my word or two about trend in device making. I am bsd user and having dedicated box just for few apps is no go to me. Sorry for the noise. I've built some today (less, links, mc, wget; made vim actually installable). I don't have upload privileges to maemo extras yet, so you can find them only at http://mg.pov.lt/770/ Huts down! Ten point for you! Python is semi-installable on OS2008 today; for some packages you have to go through the kitten dance[1] to avoid broken CDN proxies. Broken repository is a shame. And 2-3 weeks of broken repository is something I cannot say on the list. [1] The kitten dance is this (needs root): I put all files in the same directory and it goes well. I found your answers very helpfull. So thank you for the sake od maemo users. Zoran ___ maemo-users mailing list maemo-users@maemo.org https://lists.maemo.org/mailman/listinfo/maemo-users
