Forgot your password?
typodupeerror
Security Linux

Welcome Back Kernel.org 94

Posted by samzenpus
from the look-who's-back dept.
Hummdis writes "After more than a month of being offline due to a security breach at Kernel.org, they're back! While they were down, they took the time to 're-architect' the site for developers and users. A statement reads: 'As noted previously, kernel.org suffered a security breach. Because of this, we have taken the time to re-architect the site in order to improve our systems for developers and users of kernel.org. To this end, we would like all developers who previously had access to kernel.org who wish to continue to use it to host their git and static content, to follow the instructions here. Right now, www.kernel.org and git.kernel.org have been brought back online. All developer git trees have been removed from git.kernel.org and will be added back as the relevant developers regain access to the system. Thanks to all for your patience and understanding during our outage and please bear with us as we bring up the different kernel.org systems over the next few weeks. We will be writing up a report on the incident in the future.'"
This discussion has been archived. No new comments can be posted.

Welcome Back Kernel.org

Comments Filter:
  • Welcome back.

    Which are the lessons for others to learn?

    • by Anonymous Coward

      From TFA: "We will be writing up a report on the incident in the future."

      • From what I've seen in kernel hacking documentation and tutorials so far, that means "we're probably not going to get around to telling you what happened"..

        • by mug funky (910186)

          wtf are you talking about? you think the kernel.org admins write all the documentation for all of linux?

          • I don't think the two are necessarily mutually exclusive, but it was mostly just a joke. The kernel's APIs change quite regularly, and things like the Linux Kernel Module Programming Guide haven't been updated to reflect 3.0.0 yet. Programmers are notorious for enjoying coding, but forgetting to do documentation (myself included).

    • by Hummdis (1337219)

      An article on Ars Technia [arstechnica.com] stated that:

      "The intrusion was reported to kernel.org users earlier this week by site administrator John Hawley. The attack is believed to have occurred on August 12 but wasn't detected until August 28. The attack vector isn't known for certain, but it is thought that the attacker somehow obtained a legitimate user's login credentials and then exploited an unknown privilege escalation vulnerability. The attack was discovered when an Xnest error message was found in the system logs

    • by diegocg (1680514) on Wednesday October 05, 2011 @04:16PM (#37616914)

      "The compromise of kernel.org and related machines has made it clear that some developers, at least, have had their systems penetrated. As we seek to secure our infrastructure, it is imperative that nobody falls victim to the belief that it cannot happen to them. We all need to check our systems for intrusions. Here are some helpful hints as proposed by a number of developers on how to check to see if your Linux machine might be infected with something" [gmane.org]

      • by microbee (682094)

        One person in my company had account on kernel.org. He then found out his laptop was compromised, which meant that our company's VPN access was also compromised. The company had to do a whole lot of security auditing.

    • It means there are probably quite a few rooted Linux boxes out there and the users don't realize it because they bought into hype that their computer had impenetrable security.

      • I don't think that there is a *nix user anywhere, outside of Apple Phanbois, who think their system is "impenetrable". The common wisdom is, our security is superior to Window's security, but that doesn't translate to "impenetrable".

        • All it takes is a simple google search to find numerous claims of Linux being impenetrable. It doesn't matter the claims are wrong, but the claims have been made by write a few people.

        • by bonch (38532)

          Such claims have been made about Linux since the creation of this website. The "Apple Phanbois" you refer to are actually a rarity in practice.

          • by Microlith (54737)

            The people here who make that claim about Linux are occasional, but by no means representative of the site. Many major Apple focused forums do believe in the impenetrability of OS X as gospel, they are simply rare here.

          • Not really. I've seen both kinds of people IRL. Both are wrong, of course.

        • Re: (Score:1, Troll)

          by LordLimecat (1103839)

          The common wisdom is, our security is superior to Window's security,

          And on what do you base that assumption? Because scores of users get pwned by Acrobat and Java exploits, but it just happens to be hitting windows machines?

          I have never seen any credible proof that your common Linux server distros (RedHat, CentOS, Debian) are more secure out of the box than Windows Server 2003 or 2008-- and I have seen a LOT to suggest that 2008 (and Win7) are more secure than their *nix counterparts.

          I really dont want to start a flamewar on this (though I probably just did), but its ridic

          • by 0123456 (636235)

            It's true. Windows is more secure than Linux so long as you never turn the machine on.

          • Least privileged users? On Win7? *chuckles*

            On all Linux distros, you actually have to type a password to get root status. On Windows, you still only have to click a box to make it go away.

            You make a good point with Adobe and Java. But, more of us on Linux are using more alternatives to the most common Adobe and Java products. Some have similar vulnerabilities, while other have different vulnerabilities, while others simply lack the vulnerable features.

            But, it all comes down to computer savvy, in the en

            • On all Linux distros, you actually have to type a password to get root status. On Windows, you still only have to click a box to make it go away.

              Were that universally true, it would be irrelevant. You nevertheless run as an unprivileged user in Windows 7, and your snarky comment doesnt change that. Until you click allow, the a program may not execute anything with full admin privileges.

              As for Linux being "less secure", well, I insist that we measure the incidence of penetrations.

              I was hoping to compare privilege escalation bugs or a similar category, Server2008 vs a recent kernel, but its quite tricky A) finding usable lists, and B) comparing a full suite (server2008 standard) to a stripped down linux server install (why not compare to 2008

            • by drinkypoo (153816)

              On all Linux distros, you actually have to type a password to get root status.

              Only once. Then you can mess with the pam configs and just have it grant you access. I don't do this, mind you. About the only time I've messed with my pam configs was to enable local login for an account for which I wanted remote passworded login.

          • Since Vista, everyone runs as least-privileged,

            Sorry but I don't believe that for a second. Because I've actually been down that road with XP. I can lock NT-based Windows down almost as much as any UNIX system is locked down by default. But the problem is that when you really do that, you throw a HUGE pile of software out of the window. Software that wants to write to its Program Files directory, software that wants to write to HKEY_LOCAL_MACHINE branch of registry or even worse, software that wants to write to Windows directory itself. Sure, all of tha

            • Sorry but I don't believe that for a second. Because I've actually been down that road with XP. I can lock NT-based Windows down almost as much as any UNIX system is locked down by default. But the problem is that when you really do that, you throw a HUGE pile of software out of the window.

              Sorry, but you clearly havent actually used Vista or 7. They dont ask you "would you like to run as least privilege?" in vista / 7; they force you into that. You have to do some tweaks to remove that policy (by turning off UAC).

              Why do you think Vista was hated so much? Some of it was performance, but the big user gripe was the "allow or deny" prompts, which were due to dropped privileges.

              And you clearly are unaware of all the junction points, registry virtualization, etc that was put into place to make s

            • You don't know what you're talking about. Seriously.

              Starting with Vista, users, even "Power Users" and "Administrators", run least-priviliged to start. For compatibility's sake, writes to %PROGRAMFILES% and friends are virttualized and shunted aside to a per-user store. To get code to run as an Administrator, you need to "Run As Administrator" the program itself, another process (such as cmd or Windows Explorer) tat then launches the program, or you have to code the application to request privilege elevati

          • by galanom (1021665)

            I used DOS for nearly 10 years and I've never been hacked!
            Not even when I put a null-modem cable on the serial port!

      • by Jonner (189691)

        It means there are probably quite a few rooted Linux boxes out there and the users don't realize it because they bought into hype that their computer had impenetrable security.

        So how does that explain the far greater number of compromised Windows boxes? It's unlikely their owners thought they had impenetrable security. Compromised machines exist because people take foolish risks and aren't vigilant for malware either out of ignorance or apathy regardless of OS. The average user is still much safer running any non-Windows OS, though they shouldn't be complacent.

    • by Eil (82413)

      Which are the lessons for others to learn?

      Purchase and install a good antivirus solution.

  • by diego.viola (1104521) on Wednesday October 05, 2011 @04:32PM (#37617122)
    when is bugzilla.kernel.org coming back as well?
  • Yay! I spent the last two weeks learning git, and Google kept pointing me to kernel.org for the documentation. Having the site actually up will be nice, although I've already learned everything possible about Git!

    • by Jonner (189691)

      Yay! I spent the last two weeks learning git, and Google kept pointing me to kernel.org for the documentation. Having the site actually up will be nice, although I've already learned everything possible about Git!

      Perhaps you should have used the git project's actual site [git-scm.com].

    • by folderol (1965326)
      If your name is not Linus Torvalds you haven't learned everything possible about Git!
      • by Jappus (1177563)

        And if your name is Linus Torvalds, you don't have to learn everything possible about Git, as you can just decree whatever you think is right as being right.

  • sh-3.1$ wget http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.0.4 [kernel.org]
    --2011-10-06 12:41:23-- http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.0.4 [kernel.org]
    Resolving www.kernel.org... 149.20.4.69
    Connecting to www.kernel.org|149.20.4.69|:80... connected.
    HTTP request sent, awaiting response... 404 Not Found
    2011-10-06 12:41:23 ERROR 404: Not Found.

  • I'm still looking for the 3.0.4 linux kernel tarballs, etcetera. The kernel.org front page lists it, but it isn't available through the usual directory tree via HTTP -- 3.0 yes, 3.0.4 no. And I am one gearhead who actually looks through all the Changelogs. That said, I'm glad you're (kernel.org) back up on-line, well mostly ... ;)

Whoever dies with the most toys wins.

Working...