Quote:
Originally Posted by joerg_rw
sudo cp
and others won't work on sane default sudo setup, so you'll have to run this in a root account instead (install rootsh, do `root`)
/j
|
Yep, sure. I made this in a rush to get rid of DigiNotar (and for future fraudulents) and did not test out. This would work probably with sudser installed (or manual inclusion of cp/busybox in sudoers
). So please refer to below corrected script (rootsh required).
But why would anybody try to run this as non-root?
Code:
#!/bin/sh
if [ `id -u` != 0 ] ; then
exec sudo gainroot <<EOF
exec sh $0 $*
EOF
exit $?
fi
#removing fraudulent CAs
echo enter the cert\(ifier\) You are looking for:
read cert
cmcli -T common-ca -L | grep "$cert"
echo now copy the full cert ID ...
read nothing
echo and give it as input \(for removal\)
read certID
cp /etc/certs/common-ca/$certID.pem /etc/certs/common-ca/$certID.pem.old
cmcli -c common-ca -r $certID
echo now open microb and goto
echo chrome://pippki/content/certManager.xul
echo and delete the cert also there in the CA manager
read nothing
dbus-send --system --type=method_call --dest=com.nokia.osso_browser /com/nokia/osso_browser/request com.nokia.osso_browser.load_url string:"chrome://pippki/content/certManager.xul"
Quote:
Originally Posted by joerg_rw
According to the google report there were two certs fraudulent.
/j
|
After reading
link provided by aranel, I was also pretty sure.
Thanks for correction/confirming.