3

I'm running Linux Mint 17.

I found a pastebin python file in /usr/local/bin

In light of what people use pastebin for, was this a security risk?

enter image description here

Output from the stat command:

 File: ‘pastebin’ Size: 576 Blocks: 8 IO Block: 4096 regular file Device: fc01h/64513d Inode: 5768847 Links: 1 Access: (0755/-rwxr-xr-x) Uid: ( 0/ root) Gid: ( 0/ root) Access: 2016-01-19 10:43:31.595833213 -0500 Modify: 2015-02-03 07:15:10.000000000 -0500 Change: 2016-01-19 10:43:30.575833252 -0500 Birth: -

It is believed the pastebin was put there by the original distro. Related discussion here Distro invades '/usr/local'.

Improve this question
1
  • this might be a better question for folks who deal with this distro Commented Jan 19, 2016 at 18:17

1 Answer 1

Reset to default
1

Whether it's in /usr/local/bin or /usr/bin is irrelevant. It's just a python script that posts either its arguments or its STDIN to a web service:

#! /usr/bin/python import sys, os, stat, subprocess content = "" mode = os.fstat(0).st_mode if stat.S_ISFIFO(mode): content = sys.stdin.read() elif stat.S_ISREG(mode): content = sys.stdin.read() else: args = sys.argv[1:] if len(args) == 1 and os.path.exists(args[0]): with open(args[0], 'r') as infile: content = infile.read() else: str_args = ' '.join(args) content = str_args if content != "": p = subprocess.Popen(["/bin/nc", "paste.linuxmint.com", "9999"], stdin = subprocess.PIPE) p.communicate(content)

If your users have Internet access, pastebin doesn't allow them to do anything more than what they already can do.

BTW, isn't it nice that bash allows you to compress the above ugly pythonese to just?:

/bin/nc paste.linuxmint.com 9999 <<< "${*:-`cat`}"

(It won't behave completely identically, but it shouldn't matter.)

Improve this answer
2
  • That isn't bash(1)'s doing, just one of the uses of the network Swiss army knife toolbox netcat(1) ;-) Commented Jan 26, 2016 at 21:21
  • 1
    @vonbrand The python script runs the very same netcat command. Commented Jan 26, 2016 at 21:31

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.