Slashdot Mirror
Linux Kernel Exploit Busily Rooting 64-Bit Machines
An anonymous reader writes "Running 64-bit Linux? Haven't updated yet? You're probably being rooted as I type this. CVE-2010-3081, this week's second high-profile local root exploit in the Linux kernel, is compromising machines left and right. Almost all 64-bit machines are affected, and 'Ac1db1tch3z' (classy) published code to let any local user get a root shell. Ac1db1tch3z's exploit is more malicious than usual because it leaves a backdoor behind for itself to exploit later even if the hole is patched. Luckily, there's a tool you can run to see if you've already been exploited, courtesy of security company Ksplice, which beat most of the Linux vendors with a 'rebootless' version of the patch."
The Windows geeks obviously will want to paint this as a native Linux vulnerability that they don't have - and it is marginally true.
"Marginally true"??? What's that? Is it like marginally dead or perhaps marginally pregnant? Wait a second. That can't be true. Everyone knows Linux users don't get rooted ;-)
These posts express my own personal views, not those of my employer
Come on. RHEL sucks, and the only people using it are noobs and sysadmins that didn't have the balls to tell their managers "fuck you, I'm installing slackware".
CentOS is the same, but for cheap bastards.
Regardless, you don't need an "easy fix". No qualified sysadmin uses the stock kernel that came with the distro in any critical server. If there's a patch, you'll just apply it to your sources and recompile. Only desktop users and not-critical services should rely on distro's updates. If you are relying on your distribution's updates for critical fixes on any service even remotely important, you are either fucking nuts or absolutely incompetent.
WTF am I doing replying to an AC at 5 A.M on a Friday night?
http://tinyurl.com/linuxbad. Reason for http://openbsd.org/ and http://freebsd.org./
I'm pretty sure more than 10 people know about and more than 3 people use flash. As much as I hate flash, until we DO get rid of it, it is pretty much required if you want to watch more a dozen videos online. Oh yeah, did I mention thunderbird's lightning extension. I went for about 6 months before I could get that to work!
I've been running 64 bit on my machine for years, but there are still some developers that simply don't realise how many of us do.
Well, what kind of proprietary crap are you running? choose better software, it's still your fault.
WTF am I doing replying to an AC at 5 A.M on a Friday night?
Wow, I don't think "pretty much all" windows machines were ever infected with the same thing. Good thing Linux is sooooo much more secure. I mean other than the fact that no it isn't, people just don't target them. I think people got way too comfy and caused this dire situation.
Google's Super Secret Search Algorithm: SELECT @search_results FROM internet WHERE @search_results = 'good'
How badly can the /. moderation system be abused? I'm not sure. Please read the cousin post and the parent and decide for yourself whether the moderation system has been abused by me or somebody else.
If it's me, I can bear it.
Help stamp out iliturcy.
I would be a default Windows Server 2008 installation with all updates installed. Interested?
Yep, there is a very BIG difference between someone rooting your machine locally, or through the internet. If someone can root my box locally, I have much bigger worries to contend with, such as someone is in my house, where is my gun
As long as someone can't root my Linux 64 box through the internet, this is a non-issue.
Nothing to see here, please move along
"Suppose you were an idiot...and suppose you were a member of Congress...but I repeat myself." Mark Twain
Hah hah hah hah, you're a real cocker now. What part of *PENIS* do you not understand?