l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
September 2: Social gathering
Next Installfest:
TBD
Latest News:
Aug. 18: Discounts to "Velocity" in NY; come to tonight's "Photography" talk
Page last updated:
2008 Jan 04 11:35

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] Access change, possible virus problem
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] Access change, possible virus problem



Steve Weiss wrote:
Last week my Ubuntu 7.10 system started denying me the right to create or delete directories in a separate data partition created when we setup my dual-boot (WinXP2) system at an installfest last October. I'd had no trouble doing this before last week. I can create and delete files within the directories, though.

Here's a typical ls -l for a folder within the partition:
drwxrwx--- 8 root plugdev 8192 2007-10-06 18:58 Clients

Here's the same for the partition itself, named /media/Data/mydata:
steve@SteveW:~$ ls -l /media/Data
total 40
-rwxrwx--- 1 root plugdev 8192 1980-01-01 00:00 fsck0000.rec
-rwxrwx--- 1 root plugdev 8192 1980-01-01 00:00 fsck0001.rec
dr-xr-x--- 42 root plugdev 8192 2007-10-06 23:58 mydata
drwxrwx--- 2 root plugdev 8192 2007-10-06 22:38 Recycled
-rwxrwx--- 1 root plugdev 8192 2007-12-30 00:29 vsnap.idx

Here's the same for all drives:
steve@SteveW:~$ ls -l /media
total 52
lrwxrwxrwx 1 root root 6 2007-10-06 07:12 cdrom -> cdrom0
drwxr-xr-x 2 root root 4096 2007-10-06 07:12 cdrom0
drwxrwx--- 5 root plugdev 8192 1969-12-31 16:00 Data
drwx------ 7 steve root 32768 1969-12-31 16:00 EXTERNAL
drwxrwx--- 1 root plugdev 8192 2007-12-29 16:45 sda2

And here's the same for a folder in my home dir:
drwxr-xr-x 2 steve steve 4096 2007-12-01 17:56 Desktop

(EXTERNAL is an external USB HD, and sda2 is the Windows XP partition.)

One suspicious event occurred when I tried to copy data from one of my kid's CDs to a flash drive. Turns out the CD had multiple viruses on it. Ubuntu crashed several times just copying the files, while other times the flash drive would refuse to accept any more files although there was plenty of room on it, and it would unmount itself. I later booted into Windows and scanned everything for viruses. It only found them on the CD, not on either the Windows or data partition, and not on the flash drive. (Of course, it couldn't see the Linux partition.)
This sounds more like filesystem corruption or a bad physical connection
to the usb drive than a virus.

Anyway, I don't know what changed regarding permissions or ownership, whether something got corrupted or a virus somehow became activated.
Viruses are self-replicating executable code (with side effects).  They
are not features of stored data that can arbitrarily affect whatever
operating system reads the media they are stored on.  It may look like
this in Windows because Microsoft tends to automatically run a various
types of programs regardless of where the code came from... but Linux
doesn't do this.

(Can't see how the latter could have happened since all I did was copy.)
Neither can I.

Should I scan for viruses on the Linux system? (Any recommendations for doing that? I've got no scanner installed yet.)
No.

In any case, how can I fix the problem? Change permissions or ownership? Seems like the data partition, which I alone use, should have the same ownership as my home directory. I could use the chown command on everything in the partition. While that seems extreme, it would be more secure than giving permission to all users in the partition. Wish I knew all the ownerships and permissions before the corruption. I have system backups made with the default settings of sbackup, but this backs up only the Linux system info and essentials. I also have backups of the data partition made with Norton Ghost, which is Windows/DOS software.

Any advice would be appreciated.
This device is being managed by the hardware abstraction layer, so the
ownership is correct.  Your username should be a member of the plugdev
group, and anyone you don't want to have access should not be a member
of that group. (/etc/groups or a GUI user/group management control panel)

I note that your "mydata" directory has no write access enabled.
This will prevent you from creating any files or directories
immediately within "mydata" (though subdirectories below that will
not be affected).

Creating a file in a directory depends on the execute and
write permissions being enabled for you on that directory... permissions
which are visible when you list them from the directory that contains
the directory you want to modify (one level up from where you want to
create files).

Usually these usb drives are formatted with FAT or NTFS, so any permissions
you see on them are being emulated by the filesystem drivers (because those
filesystems don't understand POSIX permissions).  This normally means
you can't change the permissions on only one directory in this filesystem.
Thus, I am wondering if you changed the filesystem on this device to
a POSIX filesystem like ext2?

--
---------------------------------------------------------------------------
Jeff Newmiller                        The     .....       .....  Go Live...
DCN:<jdnewmil@dcn.davis.ca.us>        Basics: ##.#.       ##.#.  Live Go...
                                      Live:   OO#.. Dead: OO#..  Playing
Research Engineer (Solar/Batteries            O.O#.       #.O#.  with
/Software/Embedded Controllers)               .OO#.       .OO#.  rocks...1k
---------------------------------------------------------------------------
_______________________________________________
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech



LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Appahost Applications
For a significant contribution towards our projector, and a generous donation to allow us to continue meeting at the Davis Library.