Slashdot Mirror
Major Security Hole In Samsung Linux Drivers
GerbilSoft writes with news of a major security hole in Samsung's proprietary Linux printer drivers. From the Ubuntu Forums: "Just to inform you about a recent post on the French Ubuntu forum about Samsung drivers (sorry, in French). [Google translation here.] It appears that Samsung unified drivers change rights on some parts of the system: After installing the drivers, applications may launch using root rights, without asking any password. What is more, you may be able to kill your system, by deleting system components, generally modifiable only by using sudo." GerbilSoft adds: "Among the programs that it sets as setuid-root are OpenOffice, xsane, and xscanimage."
Am I imagining things, or are systems that are supposed to be more secure than others getting caught with their pants down alot more lately ?
Maybe all the boasting has got people feeling too comfortable, letting their guard down.
Wanna fight ? Bend over, stick your head up your ass, and fight for air.
"Major Security Hole In Samsung Linux Drivers"
Something possibly bad about Linux! I don't have time to analyze what happened, so I'll just shoot some of my best knee-jerk responses:
1. Because they're not open source! You see how only binary stuff is bad in Linux!
2. Samsung did it to undermine Linux!
3. Good, it shows someone cares and possibly uses Samsung's Linux drivers!
All of the above proves conclusively how great Linux is.
...I would not call this a mere bug. This was an intentional attempt to create a backdoor. Come on, who believes that a very specific driver of all things changes the permissions of a very unspecific program like OpenOffice? Something like that does not happen by accident.
Ok, I might be wrong with my accusation, but in this case I'd say I don't have to prove it, but Samsung has to prove its innocence by making public in details how exactly it came to this 'bug'.
You're obviously not in management.
I hate printers.