IDG News Service - An attempt by an unknown attacker to plant a Trojan virus in the Linux kernel has been blocked.
On Wednesday, kernel developers discovered that a server hosting a copy of the Linux source code had been compromised and that a Linux kernel file had been changed to allow the attacker unauthorized access to operating systems built with the affected source code.
The machine in question, Kernel.bkbits.net, hosted a version of the Linux source code that was used by only a handful of Linux developers, according to Larry McVoy, a maintainer of the machine. "It's not a very tightly secured machine. It's more of a kernel developers' playground," he said.
McVoy didn't consider the attack to be significant because the exploit was quickly identified and because the site in question is used by such a small number of developers. The compromise was detected and corrected within 12 hours, and the compromised source was downloaded by, at most, a handful of developers, McVoy estimated.
The Kernel.org and Linux.bkbits.net sites that are used by the vast majority of Linux developers, including companies like Red Hat Inc. and SUSE Linux AG, weren't affected by the attack, McVoy said. Had an attacker been able to plant the exploit on those machines, it would have been "a dramatically bad thing," McVoy said.
The attack illustrates both the strengths and weaknesses of Linux development, said Linux creator Linus Torvalds in an e-mail interview. "To some degree, the fact that kernel development is pretty distributed and there isn't a single kernel tree that is 'the' tree means that there's not a single point of failure," he said.
"That also means that there are more endpoint machines," he said. "So arguably there are more targets for cracking."
Kernel.bkbits.net will be returned to service in a few days, when the machine has had its hard drive replaced and a new operating system installed with security fixes, McVoy said.
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
