Linux Kernel Back-Door Hack Attempt Discovered 687
An anonymous reader writes "The BitKeeper to CVS gateway was apparently hacked in an attempt to add a root exploit back door to the Linux kernel, according to the linux-kernel archive. The change was in the file kernel/exit.c and changed the user ID of a process to root under the guise of checking the validity of some flags. The core Linux BitKeeper kernel repository was not at risk, and in fact it was the BitKeeper CVS export scripts that detected the unauthorized modifications to CVS. The changes were falsely attributed in CVS to long-time Linux developer davem (David Miller). Users of the BKCVS repository should resync their trees to remove the offending code if they had replicated it since yesterday."
Daaaammmmmnnnn.. (Score:4, Funny)
Let's hope they're cut off.
Microsoft (Score:3, Funny)
!!! rag (Score:3, Funny)
hmm (Score:4, Funny)
That McVoy is a smart one!
Did you know his programmers need to feed their families and pay their mortgages? Very sad situation, I hope everybody buys 10-15 licenses ASAP.
Re:Microsoft (Score:5, Funny)
Re:Well well (Score:4, Funny)
Well the 12 backdoors I put into the Windows XP kernel haven't been detected yet.
Alright.... (Score:4, Funny)
You guys get Linus and make sure he brings Tove, since she could probly kick all our asses.
Once thats done we'll Larry McVoy, by this time hopefully he will have the IP of the slimeball.
The Pose rides at Dawn, we can kill some Trolls along the way.
Re:3 cheers for monolithic kernals (Score:3, Funny)
(wait - am I supposed to say "here goes my karma" at this point?)
Re:3 cheers for monolithic kernals (Score:5, Funny)
My God! It's full of stars!
1 x 4 x 9
That monolith... oh... kernel.... right...
Re:!!! rag (Score:5, Funny)
Re:Well well (Score:3, Funny)
Has anyone tried sys_wait4(__WCLONE|__WALL) on Unixware?
Re:My boss is gonna read this.. (Score:3, Funny)
Yeah, because he'd rather like a closed source product where such attempts suceed unnoticed.
Re:Well well (Score:1, Funny)
In other news.. (Score:5, Funny)
You mean, "what's really gonna bake your noodle... (Score:5, Funny)
Re:more reason to sign patches? (Score:1, Funny)
Hey man... That's my password. Why do you have to go and tell everyone?
Re:!!! rag (Score:4, Funny)
Re:Well well (Score:4, Funny)
If he isn't a lowest level hacker, my world foundations are crumbling...
Does that mean the trojan is GPL'd? (Score:2, Funny)
Re:Well well (Score:5, Funny)
Leprechauns live on my hard drive controller, and spin it with all their tiny might.
They're like little green DJs when I use my RAID.
Re:Well well (Score:2, Funny)
1. UnixWare will crash
2. UnixWare will tell you that no such call exists
Either way, you could completely and totally use it as an excuse to make whichever person you installed UnixWare look like a complete dick, and then shoot them in the groin with a nailgun.
Re:Well well [Thompson: Reflections on Trust] (Score:3, Funny)
For those who didn't read the article by Ken Thompson ( read it here [acm.org]) a compiler is corrupted so that it inserts a bug into all compilers that it compiles, and the purpose of that bug is to insert a bug into another program (such as login) when it compiles it (such as accepting a certain password as the root password)
Both bugs have to be a pattern based search method. They look for some string or some sequence of characters that the original hacker believes will be consistent in future code, and then make their modifications.
Running the code through a obfuscating precompiler that both randomized variable names and added random white space would potentially remove any pattern that the trojan was looking for.
Can anyone think of things that I missed (or ways to make the trojan continue to work in the face of obfuscation)
the obfuscator would, of course, be written in an interpreted language... ( [raises pink to corner of mouth and channels Dr. Evil] whose interpreter has of course been corrupted so that it inserts naughty limericks into every application it "obfuscates".... MUWAHAHAHA... MUWAHAHAH....)
--
Was it the sheep climbing onto the altar, or the cattle lowing to be slain,
or the Son of God hanging dead and bloodied on a cross that told me this was a world condemned, but loved and bought with blood.
Re:Well well (Score:3, Funny)
Well, in theory.
Of course, you send in the first ox, and the pirannhas attack it. Then you try and get the other oxen to cross, and they are all like "Fuck this man, I ain't going in that freakin' river! Look at what's happenin' to Bob!!!"
Re:Well well (Score:1, Funny)