firehand

Prometheus 6   

Do not make the mistake of thinking that because my conclusion is the same as another person's that my reasoning is the same

November 06, 2003

 

Now who would do a thing like that?

via Slashdot

An anonymous reader writes "The BitKeeper to CVS gateway was apparently hacked in an attempt to add a root exploit back door to the Linux kernel, according to the linux-kernel archive. The change was in the file kernel/exit.c and changed the user ID of a process to root under the guise of checking the validity of some flags. The core Linux BitKeeper kernel repository was not at risk, and in fact it was the BitKeeper CVS export scripts that detected the unauthorized modifications to CVS. The changes were falsely attributed in CVS to long-time Linux developer davem (David Miller). Users of the BKCVS repository should resync their trees to remove the offending code if they had replicated it since yesterday."
do you KNOW what the repercussions would be if this had gotten through? A built-in back door to every Linux box that ran the new kernel. The mind boggles.

Posted by P6 at November 6, 2003 01:43 AM | Trackback URL: http://www.prometheus6.org/mt/mt-tb.cgi/2201
Comments
Post a comment
WARNING:I have no problems altering your message to something personally embarrassing if you're rude









Remember personal info?