Find the answer to your Linux question:
Results 1 to 2 of 2
I recently read that running: /usr/bin/lsattr `echo $PATH | tr ':' ' '` | grep i-- would identify any files made immutable by a cracker because no files are shipped ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Linux User
    Join Date
    Mar 2008
    Posts
    287

    Is this bad security info?


    I recently read that running:
    /usr/bin/lsattr `echo $PATH | tr ':' ' '` | grep i--
    would identify any files made immutable by a cracker because no files are shipped this way.
    I ran it and have well over a hundred files in /usr/bin and /bin that have a message:
    /usr/bin/lsattr: Operation not supported While reading flags on xxxxxxxx
    Is the statement correct have I been cracked? Would a cracker really use chattr on that many files?
    I'm a more than a bit suspicious of the statement read.
    This is on a Slackware 13.0 system.

  2. #2
    Linux Guru reed9's Avatar
    Join Date
    Feb 2009
    Location
    Boston, MA
    Posts
    4,651

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •