[SATLUG] FYI: 64 bit machines are getting rooted

Thomas Weeks tweeksjunk2 at theweeks.org
Sat Sep 25 02:32:57 CDT 2010


On Tuesday 21 September 2010 08:25:40 Don Davis wrote:
> The only untrusted code I've run (outside of a chroot) was the binary
> from ksplice to see if I was at risk for the exploit. I'll sure feel
> silly if that was a trojan...

Don.. the only test you had to run was this:
# uname -a
Linux xcssa.org 2.6.18-53.1.4.el5 #1 SMP Fri Nov 30 00:45:16 EST 2007 i686 
athlon i386 GNU/Linux
    ^^^^^^^^^

Whew.. safe. :)

Tweeks

 
> On 09/21/2010 08:16 AM, Jonathan Hull wrote:
> > On Mon, Sep 20, 2010 at 4:32 PM, Todd W. Bucy <r3d91ll at grandecom.net> 
wrote:
> >> this article was on slashdot today.  This was in the new late last week
> >> but it seems that they now have a tool to inspect your machine.
> >> 
> >> http://linux.slashdot.org/story/10/09/20/0217204/Linux-Kernel-Exploit-Bu
> >> sily-Rooting-64-Bit-Machines
> >> 
> >> Todd
> >> 
> >> --
> >> _______________________________________________
> >> SATLUG mailing list
> >> SATLUG at satlug.org
> >> http://alamo.satlug.org/mailman/listinfo/satlug to manage/unsubscribe
> >> Powered by Rackspace (www.rackspace.com)
> > 
> > It almost sounds like a scare story to me. Sure, it's a privilege
> > exploit, but those have existed before and I'm sure we will find more
> > in the future. If you are running untrusted code on your system, root
> > or not, you should rethink your security. IMO anyway.
> > 
> > -Jon


More information about the SATLUG mailing list