[Hackmeeting] kernel.org

Delete this message

Reply to this message
Author: lilo
Date:  
To: hackmeeting
Subject: [Hackmeeting] kernel.org
FYI.

Kernel.org, where the vanilla Linux kernel and other Linux related code
is stored, has been hacked in early August.
The Kernel.org admins believe that the intruder gained access through a
compromised account and then used software bugs to get root access to
the Hera server where Torvalds Linux repository is located.
The breach was noticed due to a suspicious error message on the affected
server on August 28th.

The Kernel.org guys are currently investigating the case. They are also
planning to do a full reinstall on all Kernel.org boxes.
They are also checking all the code they're hosting for manipulations.
Of course, manipulating the Linux source code and adding a backdoor
without anyone noticing would be a valuable target for any cracker.

But the nature of Git makes it very unlikely that any changes done to
existing code in the repository would be unnoticed.
Details on why that is are explained in a posting on the Linux
foundation's website:

linux-foundation.org/weblogs/lwf/2011/08/31/the-cracking-of-kernelorg/

The chances that someone with root access on Kernel.org could add a
commit under Torvalds name to his git repository without Torvalds
noticing are almost zero too. This is explained in detail here:
git-blame.blogspot.com/2011/08/how-to-inject-malicious-commit-to-git.html

You can find the Kernel.org news item on their main webpage: kernel.org/


- --
~lilo~
AnonOps: "2008: Obama promises to scrap the Patriot Act.
February 2011: Patriot Act extended.
August 2011: Patriot Act used against @Wikileaks #Oct26"