Results 1 to 2 of 2
I recently read that running:
/usr/bin/lsattr `echo $PATH | tr ':' ' '` | grep i--
would identify any files made immutable by a cracker because no files are shipped ...
- 01-15-2010 #1Linux User
- Join Date
- Mar 2008
- Posts
- 287
Is this bad security info?
I recently read that running:
/usr/bin/lsattr `echo $PATH | tr ':' ' '` | grep i--
would identify any files made immutable by a cracker because no files are shipped this way.
I ran it and have well over a hundred files in /usr/bin and /bin that have a message:
/usr/bin/lsattr: Operation not supported While reading flags on xxxxxxxx
Is the statement correct have I been cracked? Would a cracker really use chattr on that many files?
I'm a more than a bit suspicious of the statement read.
This is on a Slackware 13.0 system.
- 01-15-2010 #2Linux Guru
- Join Date
- Feb 2009
- Location
- Boston, MA
- Posts
- 4,651
Reply With Quote 
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts