Linux kernel attack thwarted

An unknown attacker tired to plant a Trojan virus in the Linux kernel

By Robert McMillan

November 7, 2003 12:00 PM ET

Recommended

IDG News Service - An attempt by an unknown attacker to plant a Trojan virus in the Linux kernel has been blocked.
On Wednesday, kernel developers discovered that a server hosting a copy of the Linux source code had been compromised and that a Linux kernel file had been changed to allow the attacker unauthorized access to operating systems built with the affected source code.
The machine in question, Kernel.bkbits.net, hosted a version of the Linux source code that was used by only a handful of Linux developers, according to Larry McVoy, a maintainer of the machine. "It's not a very tightly secured machine. It's more of a kernel developers' playground," he said.
McVoy didn't consider the attack to be significant because the exploit was quickly identified and because the site in question is used by such a small number of developers. The compromise was detected and corrected within 12 hours, and the compromised source was downloaded by, at most, a handful of developers, McVoy estimated.
The Kernel.org and Linux.bkbits.net sites that are used by the vast majority of Linux developers, including companies like Red Hat Inc. and SUSE Linux AG, weren't affected by the attack, McVoy said. Had an attacker been able to plant the exploit on those machines, it would have been "a dramatically bad thing," McVoy said.
The attack illustrates both the strengths and weaknesses of Linux development, said Linux creator Linus Torvalds in an e-mail interview. "To some degree, the fact that kernel development is pretty distributed and there isn't a single kernel tree that is 'the' tree means that there's not a single point of failure," he said.
"That also means that there are more endpoint machines," he said. "So arguably there are more targets for cracking."
Kernel.bkbits.net will be returned to service in a few days, when the machine has had its hard drive replaced and a new operating system installed with security fixes, McVoy said.

Reprinted with permission from

IDG.net
Story copyright 2009 International Data Group. All rights reserved.

Recommend Digg Twitter ShareThis

Email Print Send Feedback Reprints

Jump to comments

Linux

Additional Resources

Xerox

Win a color printer!

By using solid ink technology only from Xerox, you could save up to 65% by printing color for the cost of black and white. Enter for a chance to WIN a PhaserTM 8860 network color printer!

Microsoft

Upgrade to Internet Explorer 8 today.

Save time and mitigate security risk. Deploy it now.

Sybase

NEXT-GENERATION MOBILITY PLATFORMS

In this white paper, IDC analyzes the role of next-generation mobile enterprise platforms as organizations seek a more strategic deployment of mobile solutions.

Learn the important issues you must consider before starting your next mobility initiative. Get your mobility white paper from IDC now, compliments of Sybase.