Linux 2.6 Kernel Backdoor Attempt Thwarted

Dave Falloon
Trusted Contributor

This is an FYI for anyone that does not read securityfocus.com:

An attempt was made by some unscrupulous character to add a code submission to the kernel source that would allow anyone to gain root access using a combination of flags in the wait4() call.

Here's the link to the full story:

http://www.securityfocus.com/news/7388

Just thought you guys might want to take a look maybe to give you an idea of the next generation of exploits to hit this industry.

Dave
Clothes make the man, Naked people have little to no effect on society
5 REPLIES
Huc_1
Honored Contributor

Re: Linux 2.6 Kernel Backdoor Attempt Thwarted

Thanks, Dave,

for the "for your info" and a good link!

That should keep us on our toes!

J-P (0 points for this of course)
Smile I will feel the difference
Jerome Henry
Honored Contributor

Re: Linux 2.6 Kernel Backdoor Attempt Thwarted

Thanks Dave too!

Funny thing is that on IRC channels this flaw was described as far less elegant than any KLM rootkit, as it was so visible that any kernel guru or any Linux kid would see it on first release... rootkits still have happy days!

J
You can lean only on what resists you...
Ragu_1
Regular Advisor

Re: Linux 2.6 Kernel Backdoor Attempt Thwarted

The community of free software users was quick to identify this security breach due to the unfettered access to the source tree. Can anyone guess-estimate the number of backdoors `embedded' in `non-free' software? Security breaches happen and the free software community did not shy away from full disclosure of `incidents' and saying a big `no' to secrecy. The next line of security breach would be the total erosion of `individual privacy'! Computer security is a process where one learns and becomes better by correcting mistakes with full disclosure and through the massive amount of collaboration through the medium of the Internet to find `fixes'.
Share and share alike
Dave Falloon
Trusted Contributor

Re: Linux 2.6 Kernel Backdoor Attempt Thwarted

I think the thing that stuck out in my head about this attempt though was its subtle nature. Using what looks like a typo to make a root exploit using a combination of little-known flags is pretty cunning. It's almost too bad this person has given in to the dark side. They could probably make some very nice contributions to OSS instead of just being a code thug.

I agree Ragu, open peer review by as many people as possible will keep these flaws from being the door for the next blaster or klez or whatever it's going to be. Another thing that helps is public places to voice concerns.

Dave
Clothes make the man, Naked people have little to no effect on society
dirk dierickx
Honored Contributor

Re: Linux 2.6 Kernel Backdoor Attempt Thwarted

This backdoor code was found before it could do any damage, and never got into the mainstream kernel.

The checks seem to be doing their job; that made this into a non-event.