LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Pencil, Pencil, and Pencil

Dividing the Linux desktop

LWN.net Weekly Edition for June 13, 2013

A report from pgCon 2013

Little things that matter in language design

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Editorial section?

Editorial section?

Posted Jan 26, 2012 1:26 UTC (Thu) by nevets (subscriber, #11875)
In reply to: Editorial section? by nevets
Parent article: A /proc/PID/mem vulnerability

If somebody actually finds a load where this matters, we'll need to revert this commit

I'm surprised someone didn't respond to this saying:

"Hey! My rootkit no longer works. Please revert this commit."

(Log in to post comments)

Editorial section?

Posted Jan 26, 2012 17:30 UTC (Thu) by nix (subscriber, #2304) [Link]

You think you're joking, but I've been on one site, nameless to protect the guilty, where the sysadmins did not (for stupid political reasons) have the ability to change the password, and had long forgotten what that password was, and where auditors forbade the installation of additional privileged binaries -- so, rather than use sudo or something like that, they kept an exploit binary around to give them a root shell 'because it works as long as we don't upgrade the kernel'.

(I pointed out how stunningly unwise this was, and was told that this was the way they'd always done it and they weren't going to change.)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds