
Numerous Debian Project systems compromised

Posted Nov 21, 2003 19:00 UTC (Fri) by JoeBuck (subscriber, #2330)
In reply to: Numerous Debian Project systems compromised by Wummel
Parent article: Numerous Debian Project systems compromised

Unfortunately, based on similar problems at the FSF, it is quite possible that this is an "inside job" (that one of the 1200+ people with developer access might have done the crack). Having people vouch for each other doesn't prevent this. There was a guy I knew once that I would have trusted with my life, and then I found out that he stole checks from another friend who trusted him to house-sit, forged the signature and stole a significant amount of money.

Having a bad seed in the Debian Project is a scary thought: all these folks can upload packages, and each package is installed as root and can therefore do pretty much whatever it wants. The Debian policies concerning digital signatures probably deter most temptations in this area, because the bad guy's signature would be attached to the bad code. Still, it's worrying.


Numerous Debian Project systems compromised

Posted Nov 21, 2003 23:19 UTC (Fri) by Ross (subscriber, #4065)

This is interesting. I would like to know what mechanism was used to either gain unauthorized remote access to the system or to escalate from an authorized level of access to an unauthorized one.

Is it something that can be prevented by better hardening of the servers? Was it due to unapplied patches or misconfiguration? Bad passwords? GPG bugs? Compromised systems which were trusted by the server?

I also wonder if there is any connection with the recent modification of the Linux CVS gateway.

I think we can better protect ourselves in the future if we understand how these attacks are being perpetrated.

Numerous Debian Project systems compromised

Posted Nov 22, 2003 16:49 UTC (Sat) by ccchips (guest, #3222)

This is interesting. I have posted comments before on this site in which I mention the word "betrayal."

It doesn't hurt the cause if people around the world, especially those who don't know the technical ins and outs of computers, could understand the nature of this beast in our field.

People who advocate more liberal drug laws are familiar with it since day one. There was a time, in the 1970s, when it actually became quite fashionable to spurn informants and people who betrayed one's trust. In our industry, however, we are currently at a point where we are still quite able to identify, and *expose*, people who are willing to sell out to the likes of Microsoft and SCO by engaging in clearly criminal behavior.

It was said earlier that bringing in law-enforcement could mean that the servers would be impounded, but there must be some better way to do it. People who violate the law by breaking into the property of others should be punished, and that's that.

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds