Unix permission other class [migrated]

Say I’m having the following configuration on a unix system:

usr : grp (User usr is of group grp). In addition I have group gurus.

And I’m running ls -l and get the following output:

-r--rw--w- 1 usr gurus  

Does usr have write permission on this file? I.e., does the ‘other’ class mean “the whole world” or “not an owner nor a group member”?
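The class selection the question turns on, as an added example that is not part of the original post: with classic mode bits the three classes are mutually exclusive and the first match wins (owner, then group, then other), so only one triplet is ever consulted for a given user. The sketch assumes no ACLs and no superuser override; `bob` and `eve` are constructed accounts.

```python
# Added example: classic Unix mode-bit check (no ACLs, no superuser override).
CLASSES = ("owner", "group", "other")


def parse_mode(mode_str):
    """Turn an `ls -l` mode string such as '-r--rw--w-' into per-class sets."""
    if len(mode_str) != 10:
        raise ValueError("expected 10 characters, e.g. '-r--rw--w-'")
    result = {}
    for i, cls in enumerate(CLASSES):
        r, w, x = mode_str[1 + 3 * i: 4 + 3 * i]
        if r not in "r-" or w not in "w-" or x not in "x-sStT":
            raise ValueError(f"bad {cls} triplet in {mode_str!r}")
        perms = {p for p, ch in (("r", r), ("w", w)) if ch == p}
        if x in "xst":  # lowercase s/t: execute bit set alongside setuid/setgid/sticky
            perms.add("x")
        result[cls] = perms
    return result


def effective_class(user, user_groups, file_owner, file_group):
    """Pick the single class whose bits apply; the first match wins."""
    if user == file_owner:
        return "owner"
    if file_group in user_groups:
        return "group"
    return "other"


def allowed(user, user_groups, mode_str, file_owner, file_group, want):
    """True if `want` ('r', 'w' or 'x') is granted to `user` on the file."""
    cls = effective_class(user, user_groups, file_owner, file_group)
    return want in parse_mode(mode_str)[cls]


if __name__ == "__main__":
    mode, owner, group = "-r--rw--w-", "usr", "gurus"  # from the question
    # bob and eve are constructed accounts, not from the question
    for name, groups in (("usr", {"grp"}), ("bob", {"gurus"}), ("eve", {"grp"})):
        cls = effective_class(name, groups, owner, group)
        rights = "".join(p for p in "rwx" if allowed(name, groups, mode, owner, group, p))
        print(f"{name}: class={cls} rights={rights or '-'}")
```

The check models access at open time only; the file's owner can still change the mode with chmod.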


Why is this defense against “It’s a Unix system!” not widely implemented?

The Jurassic Park scene referenced in the title is infamous for how ludicrous it sounds to those who are tech literate. But it also illustrates what seems to me to be a glaringly huge hole in web security, particularly IoT devices–as soon as attackers find out a server or camera or baby monitor is running Linux, they instantly know volumes about how it works. They know that commands like sudo are big juicy targets and they know that shell access will bring with it gobs of useful tools like ls and cat.

So why isn’t OS obfuscation more of a thing? I’m not talking about just hiding the version in web headers. Similar to JavaScript minification or obfuscation, I’m talking about changing the names of binaries and filepaths in the OS itself. Wouldn’t entire classes of attacks be practically useless if the OS had ha7TrUO and RRI6e29 commands instead of sudo and ls? Imagine a hacker that somehow gained remote root access–what are they even going to do if they don’t know any commands?

Implementation would be fairly easy for compilers. Take the simplest case of “rename this function and all calls to it.” You could give an OS compiler and an application compiler the same randomized names and they’d be able to talk to each other. But even if the application has poor security and is vulnerable to bash injection, such attacks would be fruitless.

Obviously this technique can’t be used in all scenarios. Setting aside scenarios like servers maintained by human sysadmins, it seems to me that any device or server managed by automation is a prime candidate for this defense.

I guess the question(s) needs to be a bit more concrete:

  1. Is OS obfuscation as described used widely and I just haven’t encountered it?
  2. If not used widely, what are the practical or technical barriers to usage?

Unix command line, e.g. find, to run a script on many binary files that outputs it to a .txt file

I’d like to run a script, say convert.py (which converts binary to ASCII, but outputs to stdout), on 30 or so *.gz files, but instead of the output going to the screen, it goes to a *.txt file, like so: convert.py jonny.gz > jonny.txt. How would I do it with a for loop or the find command? Thanks.

How to chain Unix commands in Jupyter notebooks while on Windows 10?

My OS is Windows 10 and I am using a Jupyter notebook from the Anaconda prompt.

When I type !pwd it works. When I type !ls -l it works. But when I want to chain the commands and output them to an output file, e.g. !(pwd; ls-l) > out.txt, it says: “pwd: unknown option -- l Try ‘pwd --help’ for more information.”

Does anyone know how to chain these commands and output them to a file?

Thank you in advance

Is C the fastest language because most kernels are written in C viz. Unix, DOS and Macintosh?

Hypothetically, if there were an OS named YAOS (yet another OS) written in ALWAC (Another language with another compiler), assuming ALWAC is assembly optimized of course, would ALWAC be comparable to C in performance, given that C is the fastest language that there is?

To rephrase the question: Would it be a good idea to write a language specifically for a kernel plugin like Symbian OS, Purity OS or Nutanix OS to speed up the development without compromising C-like performance? A language native to an OS/kernel module, if you will. I mean, C came after Unix, historically, which is what raised this doubt.

Testing connectivity between Unix and Windows servers

I am doing a failover activity between 2 data centers.

In 1 data center, 1 Oracle database on Linux is replicating data to 1 SQL Server database on Windows using a replication tool.

There is storage level replication for the Windows server, so during the failover activity, the entire VM will failover with the same name, except with a different IP address.

The source is sending a SYN to the (new) target, but there is no evidence that the data packet is reaching the target, and there is no SYN/ACK being sent back.

How can I troubleshoot connectivity to find out if the problem is with Network firewall, Unix server, or Windows server?

(all teams say that there’s no issue from their side)

Should I log into both servers and run telnet with IP and port, or is there a better way?

Thank you.