An attempt to backdoor the kernel
An attempt to backdoor the kernel
Posted Nov 7, 2003 2:45 UTC (Fri) by iabervon (subscriber, #722)Parent article: An attempt to backdoor the kernel
The real risk of contamination from this would be if one of the trusted
kernel developers who use the gateway had gotten the changed version, and
then submitted the modification to Linus in the middle of their next
chunk of work. Linus checks things fairly thoroughly, but a couple of
innocuous-looking lines in the midst of a bunch of similar changes would
be likely to get through. And when it got found (due, probably, to the
exploit showing up in a rootkit), there would be an audit trail that led
back as far as the innocent developer, and no further, since the fake
changes would have been overwritten with data from the real repository in
the next cycle.
(Note that, after a cycle and only after a cycle, CVS would not see the
change in its repository, and therefore think that it must have been made
by the developer and include it in diffs)
Posted Nov 13, 2003 21:05 UTC (Thu)
by proski (subscriber, #104)
[Link]
Developers who use CVS correctly would not have this problem. "cvs diff" doesn't include changes made by others.
An attempt to backdoor the kernel