python adds an extra half space when reading from a string or list
Chris Angelico
rosuav at gmail.com
Wed Jul 3 13:23:34 EDT 2013
On Thu, Jul 4, 2013 at 3:07 AM, Νίκος <nikos at superhost.gr> wrote:
> Στις 3/7/2013 7:53 μμ, ο/η Chris Angelico έγραψε:
>> What are the file permissions (file modes) on all your home
>> directories? Do you know what they mean?
>
>
> root at nikos [~]# ls -al /home
> total 88
> drwx--x--x 22 root root 4096 Jul 3 20:03 ./
> drwxr-xr-x 22 root root 4096 Jun 12 01:21 ../
> drwx--x--x 14 akis akis 4096 Apr 5 22:21 akis/
> same with others just +x for group and others.
>
> Does that mean you can easily i.e. 'cd /home/akis/' accessing their home
> directories?
Yes.
> Shall i 'chmod -x /home/dirs' ?
Only if you know what it will do. Your solutions to problems always
seem to be "If I do this, will the problem be fixed?" without
demonstrating any understanding of what will be changed. Maybe you do
know and aren't showing it, but I suspect that (in many cases at
least) you simply do not understand what you are doing.
>> I'm happy to take you up on that offer if you need another lesson in
>> not giving out shell access. And don't forget, privilege escalation
>> attacks do exist.
>
>
> Yes they do, but cPanel offers some protection against these kind of methods
> called "CPHulk" so it wont be easy!
Neat. Now I know how to lock you out of your own account. Five seconds
with Google brought this up:
http://docs.cpanel.net/twiki/bin/view/11_30/WHMDocs/CPHulk
Can you, by reading that page, tell me what I would have to do to stop
you from accessing your login?
Also, CPHulk does not appear to have _any_ protection against
privilege escalation. It's a completely different thing. So once
again, it appears - maybe that appearance is wrong - that you have
done something that "ought to fix security" without knowing anything
about what it actually does.
ChrisA
More information about the Python-list
mailing list