Slashdot Mirror


Debian Locks Out Developers

daria42 wrote in with an update to an earlier story about a Debian server that was compromised. He explains: "The Debian GNU/Linux project has discovered a compromised developer account was used to gain access to a server compromised this week. A local kernel vulnerability was then used to gain root access. Due to this, a number of developers with weak passwords have been locked out of their system accounts." To be fair, they'll most likely be let in once everything's back to normal. Of course, they'll probably need to set safer passwords too.

5 of 331 comments (clear)

  1. an inside job ? by observer7 · · Score: -1, Flamebait

    read today that microsoft said they were coming after linux , ibm and google and wipe the earth with them in the enterprise ...hmmmmm

  2. Re:I wonder... by Anonymous Coward · · Score: -1, Flamebait

    Please kill yourself. Thanks.

  3. Re:Ah. balance by Anonymous Coward · · Score: -1, Flamebait

    Huuuuurr!! You are so awesome dude!! Actually, no, you are a total fuscking faggot. And, for what it is worth, I hope you die. Soon.

  4. Re:Weak Passwords ?? If they know that ...well by LordLucless · · Score: 0, Flamebait

    First Post: Unless Debian is doing something very stupid like keeping passwords in clear text, hashing passwords reversibly, hashing passwords to their original length, or something else equally amateurish(sp).... Then the vulnerability is in fact in the Debian system, in their management's soul, & they have some pretty bad techs...

    Second Post: And I was not knocking the Debian code, just the management errors that led to this particular problem.

    see here - take special note of definition 3.

    --
    Just because you're paranoid doesn't mean there isn't an invisible demon about to eat your face
  5. Re:Ah. balance by maita · · Score: -1, Flamebait

    Fuck you. Forget about OpenSSH and PAM. It'll never happen. As I said, fuck you motherfucker.