Path: csiph.com!newsfeed.hal-mli.net!feeder3.hal-mli.net!newsfeed.hal-mli.net!feeder1.hal-mli.net!newsfeed.xs4all.nl!newsfeed3.news.xs4all.nl!xs4all!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail
MIME-Version: 1.0
In-Reply-To: <kr1lo2$ta4$3@news.grnet.gr>
References: <CAKP_0cVuK07_DNkA3oHnFbYNaGNYw-EEMaWAhgLRRvYbpmsPPQ@mail.gmail.com> <ac6abb36-ae5f-4627-b196-24a6255d4347@googlegroups.com> <CAN1F8qUWj3tC85nWq5nUG8rVz6eP9-sGop41b6WLoDqAGxAuDw@mail.gmail.com> <51D1D484.5070309@rece.vub.ac.be> <CAN1F8qUiACxdjRG9owui75cG4yAGtf-UXqG_Z+KSCqJLeKFjbA@mail.gmail.com> <51D27FB9.7040406@rece.vub.ac.be> <CAN1F8qWOeF9Er0bofaRYsyW4EKg4NJOhBNCTnC=pfAOSYU+rUg@mail.gmail.com> <51D2C113.6070105@rece.vub.ac.be> <CAN1F8qV_Qj6oyyzMuRdhsw4okvRDKm3rNXRTC=OuuFj5bOYynQ@mail.gmail.com> <mailman.4132.1372804454.3114.python-list@python.org> <1264cfb9-f451-40e3-9d59-0619547c8138@googlegroups.com> <51D3ED24.9030202@rece.vub.ac.be> <mailman.4157.1372844725.3114.python-list@python.org> <kr0snf$d5j$1@news.grnet.gr> <mailman.4173.1372862677.3114.python-list@python.org> <kr1gds$sq9$1@news.grnet.gr> <mailman.4176.1372866263.3114.python-list@python.org> <kr1kit$ta4$1@news.grnet.gr> <mailman.4180.1372870401.3114.python-list@python.org> <kr1lo2$ta4$3@news.grnet.gr>
Date: Thu, 4 Jul 2013 03:23:34 +1000
Subject: Re: python adds an extra half space when reading from a string or list
From: Chris Angelico <rosuav@gmail.com>
To: python-list@python.org
Content-Type: text/plain; charset=ISO-8859-7
Content-Transfer-Encoding: quoted-printable
Precedence: list
Newsgroups: comp.lang.python
Message-ID: <mailman.4182.1372872222.3114.python-list@python.org>
Lines: 51
NNTP-Posting-Host: 2001:888:2000:d::a6
Xref: csiph.com comp.lang.python:49765

On Thu, Jul 4, 2013 at 3:07 AM, =CD=DF=EA=EF=F2 <nikos@superhost.gr> wrote:
> =D3=F4=E9=F2 3/7/2013 7:53 =EC=EC, =EF/=E7 Chris Angelico =DD=E3=F1=E1=F8=
=E5:
>> What are the file permissions (file modes) on all your home
>> directories? Do you know what they mean?
>
>
> root@nikos [~]# ls -al /home
> total 88
> drwx--x--x 22 root     root     4096 Jul  3 20:03 ./
> drwxr-xr-x 22 root     root     4096 Jun 12 01:21 ../
> drwx--x--x 14 akis     akis     4096 Apr  5 22:21 akis/
> same with others just +x for group and others.
>
> Does that mean you can easily i.e. 'cd /home/akis/' accessing their home
> directories?

Yes.

> Shall i 'chmod -x /home/dirs' ?

Only if you know what it will do. Your solutions to problems always
seem to be "If I do this, will the problem be fixed?" without
demonstrating any understanding of what will be changed. Maybe you do
know and aren't showing it, but I suspect that (in many cases at
least) you simply do not understand what you are doing.

>> I'm happy to take you up on that offer if you need another lesson in
>> not giving out shell access. And don't forget, privilege escalation
>> attacks do exist.
>
>
> Yes they do, but cPanel offers some protection against these kind of meth=
ods
> called "CPHulk" so it wont be easy!

Neat. Now I know how to lock you out of your own account. Five seconds
with Google brought this up:

http://docs.cpanel.net/twiki/bin/view/11_30/WHMDocs/CPHulk

Can you, by reading that page, tell me what I would have to do to stop
you from accessing your login?

Also, CPHulk does not appear to have _any_ protection against
privilege escalation. It's a completely different thing. So once
again, it appears - maybe that appearance is wrong - that you have
done something that "ought to fix security" without knowing anything
about what it actually does.

ChrisA