Linux Kernel Hack Attempt, Developers:1 Hacker:0

A very interesting thing happened the other day: A very crafty attempt was made to hack the Linux Kernel via the source code. On this occaision the attack was a kludge and developers and server administrators noticed the problem.

In fact, the hacker attacked a copy of the code held on a CVS server and maquerading as a developer made changes to kernel internals that would bump a process to the UID of root uder certain flag/signal conditions.

Had the hack found it’s way into the mainstream release, things could have been pretty bad. Modern Linux kernel development is robust enough to notice such blatant hack attempts though and these kind of problems are likely to remain rare.

Although there are Public CVS trees, a key point here is that they are read rather than write: the compromised code would never have been imported back into the main tree.

On this occaision we have the chaps at BitMover to thank, who alongside the kernel developers realised there was a problem and fixed it within 24 hours.

Worthy also of note: Linux people always tend to use the Best Tool For The Job. Not afraid to use closed source or commercial offerings, the Linux kernel is mainly maintained within BitKeeper, a non-free Source Code Repository system. Perhaps this say a lot about CVS!

For more nitty gritty, read the technical details at kerneltrap.org.

TurboTas

Leave a Reply