Blog Ho!
A swashbuckling adventure in open source, innovation, and photography		 Wednesday, 20 August 2008
Home
Photography
Polls
Your photography level of interest...
 
IMG_1856.jpg

Date: 06/20/2005 Views: 327


 

Social Engineering Your Way Into The Kernel Print E-mail
Tuesday, 11 November 2003
This clever attempt to add a privelage escalation bug into the linux kernel illustrates a very sophistocated and forward thinking form of an attack. A good discussion can be found here.

It also lends some fuel to both sides of the "is open source more or less seucre?" question. Yes, anyone can contribute code (including malicious coders like this one), but all contributions are visible and subject to inspection. Thankfully, this attack was caught right away.

This also illustrates the subtle ways that programming language design decisions can have far reaching and unexpected results. Anyone who's written more that 10 lines of C is familiar with the bug the attacker tried to exploit. "=" means assignment, and "==" tests equality. It's a very easy bug to create that even seasoned C programmers often miss.




Write Comment
  • Please keep the topic of messages relevant to the subject of the article.
  • Personal verbal attacks will be deleted.
  • Please don't use comments to plug your web site.. Such material will be removed
Name:Guest
Title:
Comment:

This image contains a scrambled text, it is using a combination of colors, font size, background, angle in order to disallow computer to automate reading. You will have to reproduce it to post on my homepage
Enter what you see: *
tips: hit Reload page before writing a text if you have difficulty reading characters in image

Comments

Powered by AkoComment 2.0! and SecurityImage 3.0.4

 
< Prev   Next >
[ Back ]