Sat, 28 Jan 2006
Terminate Bash Session on Timeout
One of the lesser known features of bash is '$TMOUT'. When assigned a
positive number this variable has two functions. When used in a script
TMOUT is the timeout value for the 'select' command and the 'read' built-in.
When used in an interactive shell, and assigned a positive number, $TMOUT is the number of seconds bash will wait (after outputting the prompt) before it terminates; typically killing the users session. This is often used to ensure that unused root prompts are not left logged in for more than a minute or two without auto-closing. While this can catch a lot of people at first they soon discover that you can do a 'TMOUT=500000' or similar command. This is where 'declare' comes in.
The 'declare' built-in supports a number of options, the relevant one here is '-r', which makes the variable read-only and immune to modification. Even by root. With a little bit of planning you can add an entry to the users profiles or login scripts that they can't touch and will ensure that their sessions don't stay logged in when they're not using them.
Like this post? - Digg Me! | Add to del.icio.us! | reddit this!
Posted: 2006/01/28 20:57 | /tools/commandline | Permanent link to this entry | This entry + same date
Over Mounting in Linux
A topic that's been discussed to great length on one of (many) Linux lists
I lurk on has been that of mounting one file over another. It's easier to
show this with an example:
$ cat password dwilson:password $ cat fakepassword attacker:fakepassword (root) $ mount --bind fake_password password $ cat password attacker:fakepassword
While this requires root access (or flimsy mount permissions) to execute, it is a nasty little trick. An 'ls' won't show anything strange but a 'mount' command will. It's also worth noting that this can be done with binary and executable files. 'root# mount --bind /tmp/attacker_ps /bin/ps' works as well as the example did.
Like this post? - Digg Me! | Add to del.icio.us! | reddit this!
Posted: 2006/01/28 19:46 | /security | Permanent link to this entry | This entry + same date
Blosxom Plugin: Immediate Action Feeds
The Blosxom
Immediate Action Feeds Plugin adds a number of links to the bottom
of each blosxom post; both HTML and RSS flavours. These links allow easy
interaction with a number of online services. This version of the plugin
adds links for del.icio.us, Digg and reddit.
When one of the links is clicked it takes the user to the site and attempts to autofill as many of the required fields as possible. For more details see either the POD at the bottom of the source code or the README contained in the Compressed version of the Immediate Action Feeds plugin
Like this post? - Digg Me! | Add to del.icio.us! | reddit this!
Posted: 2006/01/28 16:30 | /tools/online | Permanent link to this entry | This entry + same date
Blosxom Plugin: Digg Me!
The
digg_me plugin changes each post (both RSS and HTML
flavours) and adds a clickable link that takes you to a pre-populated
"Submit a story to Digg" page. And fills in the URL and title for you.
The Digg Me! source code is pretty simple (mostly the same as the Reddit and del.icio.us plugins) but you'll probably need to change the '$post_url' to suit your sites permalink format. The code's GPL'd and I've tested it on my own site so it mostly works.
Like this post? - Digg Me! | Add to del.icio.us! | reddit this!
Posted: 2006/01/28 14:32 | /tools/online | Permanent link to this entry | This entry + same date
GoogleSets Command Line Interface
Google labs
is one of the 'Nets open secrets. It's a site that gathers up some of
Googles ideas for new sites and services and allows people to have a play
with them. One of the services, Google Sets, has been quite useful to me
recently. So I wrote the GoogleSets Command Line
Interface.
The basic premise (of both the site and script) is simple, you give it a list and it tries to expand it. So if you pass in 'Linux', 'HPUX' and 'Solaris' it'll give you back other operating systems. I've been using it in a security project to find and possibly expand links between different host names. In one case it predicted a couple of host names that were in use but not in DNS based upon five existing host names.
The GoogleSets Command Line Interface is GPL'd, does what you'd expect and will soon be turned in to a Perl module to allow more programatic access to sets.
Like this post? - Digg Me! | Add to del.icio.us! | reddit this!
Posted: 2006/01/28 14:20 | /tools/commandline | Permanent link to this entry | This entry + same date
Blosxom Plugin: submit_to_reddit
One of the great things about putting code online is that anyone can
contact you about it. Sometimes you get a "thank you", sometimes
corrections and occasionally requests to make it do something else. My
add_to_delicious Blosxom plugin post caused a couple of damn lazy
Blosxom users (although it's perl based so they may consider this praise
:)) to ask for versions for a couple of other sites. The first of these, submit
to reddit is now done.
This plugin changes each post (both RSS and HTML flavours) and adds a clickable link that takes you to a pre-populated "Submit to reddit" page. The submit_to_reddit source code is pretty simple (mostly the same as the previous plugin) but you'll probably need to change the '$post_url' to suit your sites permalink format. The code's GPL'd and I've tested it on my own site so it mostly works.
Like this post? - Digg Me! | Add to del.icio.us! | reddit this!
Posted: 2006/01/28 12:13 | /tools/online | Permanent link to this entry | This entry + same date
Events Shot - 2006/01
I've not been able to get to any tech events since early November so I'm
feeling more than a little out of touch. Fortunately the next couple of
months will make up for the lack of geek conversation.
We've got a London PM tech meet on Feb the 16th (I'll link to it as as soon as I get the announcements out). The ever incredible FOSDEM on the 25th and 26th (with the usual Friday night warm up) of Feb. The UKUUG Spring Conference 2006 on 22nd and 23rd March 2006 in Durham and The Open Rights Group, who I still need to give money to, are meeting on the 7th of Feb.
Unfortunately I won't be getting to "The Future of Web Apps" summit organised by Carson Workshops but I will be visiting the London Ruby User Group where I hope to see one of the speakers...
All-in-all the first quarter looks like it could be very interesting...
Like this post? - Digg Me! | Add to del.icio.us! | reddit this!
Posted: 2006/01/28 11:19 | /events | Permanent link to this entry | This entry + same date
Parasitic Traceroute and Other Hidden Gems
Dan Kaminskys Paketto
Keiretsu is a collection of small networking tools that contain some
great ideas. This week I needed to work out where an encrypted tunnel was
actually going, not where the untrusted OS said it was going, and paratrace
was a great little app to have in my toolkit.
While none of the tools are essential (or going to be needed that often) they do fill a pretty lonely niche.
Like this post? - Digg Me! | Add to del.icio.us! | reddit this!
Posted: 2006/01/28 10:53 | /tools/network | Permanent link to this entry | This entry + same date
Copyright © 2000-2005 Dean Wilson
