Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Sun 23 Nov 2014, 01:14
All times are UTC - 4
 Forum index » Off-Topic Area » Security
pfix=ram does not make you invincible
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 2 [16 Posts]   Goto page: 1, 2 Next
Author Message
Pizzasgood


Joined: 04 May 2005
Posts: 6270
Location: Knoxville, TN, USA

PostPosted: Sat 30 Jan 2010, 21:30    Post subject:  pfix=ram does not make you invincible  

A common idea around Puppy is that you are invincible when running with pfix=ram. The OS is entirely in ram and the drives are all unmounted. Nothing persists.

I say to you: don't be complacent.

First of all, partitions don't need to be mounted to be modified. Programs that work on the drive at a very low level, such as dd, fdisk, parted, and mkfs.* don't care if it's unmounted (in fact they prefer it).

Second of all, those unmounted partitions could simply be mounted.

In a normal Linux, you would be somewhat protected from those vectors of attack because they require root privileges. In Puppy, however, you run as root by default...

This isn't a criticism. As I have said in the past, I support Barry's choice to make Puppy root by default. (I do believe it would be nice if we had improved support for running as other-than-root built in however.)

I simply wish to make sure that nobody becomes complacent and believes that pfix=ram makes them totally invincible. It makes a huge difference, but there are still plenty of ways for your computer to be borked from pfix=ram mode.


If you want to play around in an environment where you really can't bork the computer, you should look at virtual machines. Assuming a bug-free implementation, you can boot a Puppy with Qemu and do anything you want. Unless you tell Qemu to give the virtual machine access to real devices, it can't touch them. (It can access the network by default, however. That can be disabled, IIRC.)


This public service announcement was sponsored by cake.

_________________
Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib

Back to top
View user's profile Send private message Visit poster's website 
mikeb


Joined: 23 Nov 2006
Posts: 8641

PostPosted: Sat 30 Jan 2010, 22:01    Post subject:  

I have wiped the mbr running certain games in wine even though the (c:\) partition was unmounted...one of those occasions where not root running is recommended (by winehq)

mike
Back to top
View user's profile Send private message 
PaulBx1

Joined: 16 Jun 2006
Posts: 2308
Location: Wyoming, USA

PostPosted: Mon 01 Feb 2010, 12:40    Post subject:  

pfix=ram, plus a recent full disk backup, makes you invincible. Wink
Back to top
View user's profile Send private message 
rjbrewer


Joined: 22 Jan 2008
Posts: 4422
Location: merriam, kansas

PostPosted: Mon 01 Feb 2010, 14:57    Post subject:  

PaulBx1 wrote:
pfix=ram, plus a recent full disk backup, makes you invincible. Wink


Not good enough; I want invisibility and the power of flight too. Smile

_________________

Inspiron 700m, Pent.M 1.6Ghz, 1Gb ram.
Msi Wind U100, N270 1.6>2.0Ghz, 1.5Gb ram.
Eeepc 8g 701, 900Mhz, 1Gb ram.
Full installs

Back to top
View user's profile Send private message 
Lobster
Official Crustacean


Joined: 04 May 2005
Posts: 15117
Location: Paradox Realm

PostPosted: Tue 02 Feb 2010, 00:59    Post subject:  

I want cake

We do try and educate ourselves

We are generally not running servers
passing along Windows files
That is why Linux has virus checkers - to check
it is not carrying files that it is immune to but could infect the Redmond sheep.

Many of us insist on running from HD
from old habits.
(HD = hard disk - not High Definition in this case)
Some need to use HD for speed
and memory.

Many are better served with a
CD/DVD or multisession Puppy running
- hence the 'puppy pfix=ram' option
at boot up

Using 'puppy pfix=ram' and a new
(not existing save file) I would feel
my cake is safe

Then I would run the firewall
(I have a router firewall) but let us put the firewall
on
I am not yet connected to the internet
but let us have two firewalls
. . . and be running a non Windows OS
Personally I would feel safe

I would then connect to 'The Internet'
(warning may contain . . .
all kinds of things)
- viral ads, time traveling lobsters
dubious images


I would not bother with GROWL
http://www.murga-linux.com/puppy/viewtopic.php?search_id=1376861879&t=45884

Now put on your mind control device
and enjoy baking your cake
http://www.biotele.com/mind_readers.html

More Mind control News
http://tmxxine.com/www/

_________________
Puppy WIKI
Back to top
View user's profile Send private message Visit poster's website 
aarf

Joined: 30 Aug 2007
Posts: 3620
Location: around the bend

PostPosted: Tue 02 Feb 2010, 01:16    Post subject: Re: pfix=ram does not make you invincible  

Pizzasgood wrote:


This public service announcement was sponsored by cake.

was it fruitcake by any chance?

_________________

ASUS EeePC Flare series 1025C 4x Intel Atom N2800 @ 1.86GHz RAM 2063MB 800x600p ATA 320G
_-¤-_

<º))))><.¸¸.•´¯`•.#.•´¯`•.¸¸. ><((((º>
Back to top
View user's profile Send private message Visit poster's website 
aarf

Joined: 30 Aug 2007
Posts: 3620
Location: around the bend

PostPosted: Tue 02 Feb 2010, 05:21    Post subject: Re: pfix=ram does not make you invincible  

aarf wrote:
Pizzasgood wrote:


This public service announcement was sponsored by cake.

was it fruitcake by any chance?

ho hum, what was i thinking, obviously it was a piz-za-cake.

_________________

ASUS EeePC Flare series 1025C 4x Intel Atom N2800 @ 1.86GHz RAM 2063MB 800x600p ATA 320G
_-¤-_

<º))))><.¸¸.•´¯`•.#.•´¯`•.¸¸. ><((((º>
Back to top
View user's profile Send private message Visit poster's website 
aarf

Joined: 30 Aug 2007
Posts: 3620
Location: around the bend

PostPosted: Tue 02 Feb 2010, 06:25    Post subject:  

you better be careful pizza,slandering your puppy like that could have unexpected consequences:Man Shot By His Dog
_________________

ASUS EeePC Flare series 1025C 4x Intel Atom N2800 @ 1.86GHz RAM 2063MB 800x600p ATA 320G
_-¤-_

<º))))><.¸¸.•´¯`•.#.•´¯`•.¸¸. ><((((º>
Back to top
View user's profile Send private message Visit poster's website 
hillside


Joined: 02 Sep 2007
Posts: 642
Location: Minnesota, USA. The frozen north.

PostPosted: Tue 02 Feb 2010, 08:35    Post subject:  

All my information written on a sheet of paper and locked in my desk drawer doesn't make me invincible.

There are no guarantees in life, but it helps to be a reasonably fast gazelle. If you're too slow, the lions will get you. Window's is definitely the slowest gazelle. Puppy? Too much work for the lions to chase down on a routine basis.
Back to top
View user's profile Send private message 
bee_pipes


Joined: 23 Jan 2010
Posts: 15
Location: Podunk, Tn.

PostPosted: Tue 02 Feb 2010, 09:46    Post subject:  

That's setting the bar mighty low. You don't have to outrun the lions, just the slowest gazelle.

Regards,
Pat
Back to top
View user's profile Send private message 
Pizzasgood


Joined: 04 May 2005
Posts: 6270
Location: Knoxville, TN, USA

PostPosted: Tue 02 Feb 2010, 21:54    Post subject:  

It was strawberry-flavored cake, with strawberry-flavored frosting. Unfortunately, no actual strawberries. Pretty good anyway though. Smile
_________________
Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib

Back to top
View user's profile Send private message Visit poster's website 
aarf

Joined: 30 Aug 2007
Posts: 3620
Location: around the bend

PostPosted: Tue 02 Feb 2010, 23:36    Post subject:  

hmpf.. so it was a fruitcake after all
_________________

ASUS EeePC Flare series 1025C 4x Intel Atom N2800 @ 1.86GHz RAM 2063MB 800x600p ATA 320G
_-¤-_

<º))))><.¸¸.•´¯`•.#.•´¯`•.¸¸. ><((((º>
Back to top
View user's profile Send private message Visit poster's website 
Pizzasgood


Joined: 04 May 2005
Posts: 6270
Location: Knoxville, TN, USA

PostPosted: Wed 03 Feb 2010, 15:10    Post subject:  

Well, a wanna-be fruitcake.
_________________
Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib

Back to top
View user's profile Send private message Visit poster's website 
dejan555


Joined: 30 Nov 2008
Posts: 2715
Location: Montenegro

PostPosted: Thu 04 Feb 2010, 14:30    Post subject:  

Open your PC case and unplug your drives physically. Idea
Err, just a thought... Rolling Eyes

_________________
Dpup 487 | Puppy Gallery | My photo gallery | mtPaint works
Back to top
View user's profile Send private message Visit poster's website MSN Messenger 
aarf

Joined: 30 Aug 2007
Posts: 3620
Location: around the bend

PostPosted: Thu 04 Feb 2010, 20:07    Post subject:  

dejan555 wrote:
Open your PC case and unplug your drives physically. Idea
Err, just a thought... Rolling Eyes
mostly i run from internal SDcard so that would not be so difficult. Content that is produced myself is minimal anyway. Mostly what is stored on my computer is copies of what is on the web so damage or loss is not a irrevocable event. Even then everything is backedup to external Usb plugged HD.
_________________

ASUS EeePC Flare series 1025C 4x Intel Atom N2800 @ 1.86GHz RAM 2063MB 800x600p ATA 320G
_-¤-_

<º))))><.¸¸.•´¯`•.#.•´¯`•.¸¸. ><((((º>
Back to top
View user's profile Send private message Visit poster's website 
Display posts from previous:   Sort by:   
Page 1 of 2 [16 Posts]   Goto page: 1, 2 Next
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0784s ][ Queries: 11 (0.0044s) ][ GZIP on ]