How to remove executable bit recursively from files (not directories)

No Comments

When I plug-in an USB stick (FAT) into my Centos Linux machine, all files have the executable bits set. After having copied the directory structure to my hard disk I remove the executable bits recursively just from the files and keep those on the directories with following command:

chmod -R -x+X *

Explanation:

  • -R – operate recursively
  • -x – remove executable flags for all users
  • +X – set executable flags for all users if it is a directory

Find files modified in the last week.

No Comments

Change ./ to the root directory you wish to search in. Change -7 to +7 for files changed more than a week ago.

  1. find ./ -mtime -7 -print

-mtime n[smhdw]

             If no units are specified, this primary evaluates to true if the difference between the file last modification time and the time find was started, rounded up to the next full 24-hour period, is n 24-hour periods.

             If units are specified, this primary evaluates to true if the difference between the file last modification time and the time find was started is exactly n units.

             Please refer to the -atime primary description for information on supported time units.

   -atime n[smhdw]

             If no units are specified, this primary evaluates to true if the difference between the file last access time and the time find was started, rounded up to the nextfull 24-hour period, is n 24-hour periods.

             If units are specified, this primary evaluates to true if the difference between the file last access time and the time find was started is exactly n units.  Possible time units are as follows:

             s       second

             m       minute (60 seconds)

             h       hour (60 minutes)

             d       day (24 hours)

             w       week (7 days)

             Any number of units may be combined in one -atime argument, for example, “-atime -1h30m”.  Units are probably only useful when used in conjunction with the + or   modifier.

How do I recompile Bash on MacOSX to avoid Shellshock (the remote exploit CVE-2014-6271 and CVE-2014-7169)?

No Comments

System Binaries

OS X 10.9.5 (the latest stable release at the moment) ships with Bash v3.2.51:

$ bash --version
GNU bash, version 3.2.51(1)-release (x86_64-apple-darwin13)
Copyright (C) 2007 Free Software Foundation, Inc.
You can obtain and recompile Bash as follows, providing that you have Xcode installed:
$ mkdir bash-fix
$ cd bash-fix
$ curl https://opensource.apple.com/tarballs/bash/bash-92.tar.gz | tar zxf -
$ cd bash-92/bash-3.2
$ curl https://ftp.gnu.org/pub/gnu/bash/bash-3.2-patches/bash32-052 | patch -p0    
$ cd ..
$ xcodebuild
$ sudo cp /bin/bash /bin/bash.old
$ sudo cp /bin/sh /bin/sh.old
$ sudo cp build/Release/bash /bin
$ sudo cp build/Release/sh /bin

After this, the Bash version should be v3.2.52:

$ bash --version
GNU bash, version 3.2.52(1)-release (x86_64-apple-darwin13)
Copyright (C) 2007 Free Software Foundation, Inc.

Now check new bash:
$ env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
this is a test

Older Entries