Debian Locks Out Developers
daria42 wrote in with an update to an earlier story about a Debian server that was compromised. He explains: "The Debian GNU/Linux project has discovered a compromised developer account was used to gain access to a server compromised this week. A local kernel vulnerability was then used to gain root access. Due to this, a number of developers with weak passwords have been locked out of their system accounts." To be fair, they'll most likely be let in once everything's back to normal. Of course, they'll probably need to set safer passwords too.
First Post: Unless Debian is doing something very stupid like keeping passwords in clear text, hashing passwords reversibly, hashing passwords to their original length, or something else equally amateurish (sp)... Then the vulnerability is in fact in the Debian system, in their management's soul, and they have some pretty bad techs...
Second Post: And I was not knocking the Debian code, just the management errors that led to this particular problem.
See here - take special note of definition 3.
Just because you're paranoid doesn't mean there isn't an invisible demon about to eat your face