[vox] Biggest uptimes!

Ken Bloom kbloom at gmail.com
Sat Feb 18 22:21:41 PST 2006


Don Armstrong wrote:
> On Sat, 18 Feb 2006, trixter aka Bret McDanel wrote:
> 
>>wasn't it a desire for a long uptime that caused Debian to not install
>>a patch for a known kernel vulnerability and they got owned because
>>of that?
> 
> 
> No, it was a slightly more complicated situation involving a
> non-Debian machine being broken into and a password sniffed which was
> used to break into a debian.org machine and then use a copy of
> unpatched suid binaries which were sitting around to elevate to root
> on master, and then break into other machines from there.

There was indeed a known kernel vulnerability[1], but it wasn't realized
to be severe until after the Debian attack when it was assigned
CAN-2003-0961, and the fix hadn't made it into a release kernel until
after Debian was attacked.

So there was no uptime macho involved here. In fact, it would have been
more macho to apply the fix at that point by running a prerelease kernel
than to not apply the fix and stick with a stable kernel. Nevertheless,
there was a kernel exploit.

--Ken Bloom

[1]http://lists.debian.org/debian-announce/debian-announce-2003/msg00003.html

-- 
I usually have a GPG digital signature included as an attachment.
See http://www.gnupg.org/ for info about these digital signatures.