 |
Puppy Linux Discussion Forum Puppy HOME page : puppylinux.com "THE" alternative forum : puppylinux.info
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in|
The time now is Sat 18 May 2013, 09:27 All times are UTC - 4 |
 Forum index » Off-Topic Area » Security |
|
Clever attack exploits fully-patched Linux kernel
|
 
|
View previous topic :: View next topic |
| Page 1 of 1 [13 Posts] |
| Author | Message | ||||||||
|---|---|---|---|---|---|---|---|---|---|
|
Lobster
Official Crustacean  Joined: 04 May 2005 Posts: 15109 Location: Paradox Realm |
Hi Guys Been keeping my eyes open so our warrior worriers have something to get their energy into 
http://www.theregister.co.uk/2009/07/17/linux_kernel_exploit/ Not sure if it is applicable but may be of interest . . . _________________ Puppy WIKI |
||||||||
|
|||||||||
 |
|||||||||
prehistoric
 Joined: 23 Oct 2007 Posts: 1207 |
The null-pointer de-reference vulnerability has been around for ages. The compiler optimization which removes the code which checks for this illustrates the serious problem of preserving semantics during optimization. If you look for errors in preserving semantics, you can find them. Many optimizations could be characterized as "I hope this makes things faster without breaking anything". The surprise is not that he found such, it is the size of the class of vulnerabilities exposed. In addition to actual problems of preserving well-defined semantics, there is the problem that many people writing code do not understand the precise semantics of the constructs they are using. This leads to another class of vulnerabilities, which might be classed as psychological. (Here's an example: if an integer is equal to its negation, it must be zero. Right?) Linus is right in saying that no one should be surprised about attackers gaining root privileges if you let them make arbitrary kernel calls. He is off in a dreamworld if he doesn't recognize that running a LAMP installation (Linux, Apache, MySql, PHP) is a very common practice which can allow malicious programs from the web to do exactly that. I'm convinced that a series of attacks on Puppy-related sites gained entry through PHP vulnerabilities. |
||||||||
|
|||||||||
|
|||||||||
abushcrafter
 Joined: 30 Oct 2009 Posts: 1447 Location: England |
This is a disaster! Is puppy at risk? |
||||||||
|
|||||||||
|
|||||||||
|
prehistoric
Joined: 23 Oct 2007 Posts: 1207 |
For cases where it runs a server, there is a special, limited-privilege user named spot. The default HTML server is Hiawatha, not Apache. If you are careful to set up a default firewall before you go on-line, you should be browsing in "stealth" mode. For most purposes, a remote program can't even tell if your ports exist. An attacker who expends the hours of highly-skilled time required to crack a Puppy system will be dismayed to learn the exploit has a very limited target population. An exploit which works on 4.3.1 probably won't work on many puplets. A straightforward economic analysis suggests he would be far better off cracking Ubuntu systems. As for Windows, consider the following. If you think this is "a disaster" you must not know the current state of internet security. A recent study found 48% of computers already infected. In this case, there is no need to "crack" these systems, they are already cracked. (There is an underground economy on which system crackers might sell such systems to those who exploit them for perhaps 10 cents apiece. How much skilled time can you buy with 10 cents?) A study by other security researchers, using a different methodology, could probably go back and find infected systems that report missed. |
||||||||
|
|||||||||
|
|||||||||
|
abushcrafter
Joined: 30 Oct 2009 Posts: 1447 Location: England |
Yes, your right I don't know much on this stuff at all  .
|
||||||||
|
|||||||||
|
|||||||||
Sit Heel Speak
 Joined: 30 Mar 2006 Posts: 2595 Location: downwind |
@Lobster: thanks very much for posting this. From the source code to Mr. Spengler's exploit.c:
|
||||||||
|
|||||||||
|
|||||||||
|
prehistoric
Joined: 23 Oct 2007 Posts: 1207 |
This problem introduced by compiler optimization brings us closer to a nightmare possibility Ken Thompson described in his Reflections on Trusting Trust. N.B. At the time he wrote this, M$ was working for IBM. The famous 1984 Apple MacIntosh ad was aimed at IBM. |
||||||||
|
|||||||||
|
|||||||||
SirDuncan
 Joined: 09 Dec 2006 Posts: 836 Location: Ohio, USA |
I always knew pointers were evil. Sure, they act like they're your friend, building linked lists and passing variables without wasting time and space allocating new memory. As soon as your project deadline approaches, however, they start writing over some other program's memory space and getting accidentally set to NULL. _________________ Be brave that God may help thee, speak the truth even if it leads to death, and safeguard the helpless. - A knight's oath |
||||||||
|
|||||||||
|
|||||||||
tasmod
 Joined: 04 Dec 2008 Posts: 1459 Location: North Lincolnshire. UK |
If you read later post details on that site you will see that this bug and the wi-fi bug have been solved in the newer kernel. _________________ Rob - The moment after you press "Post" is the moment you actually see the typso  |
||||||||
|
|||||||||
|
|||||||||
|
nooby
Joined: 29 Jun 2008 Posts: 9381 Location: SwedenEurope |
which Puppies use that older kernel then? How does the newbie know about such? _________________ I'm a noob so I use Google Search of Puppy Forum |
||||||||
|
|||||||||
|
|||||||||
|
Sit Heel Speak
Joined: 30 Mar 2006 Posts: 2595 Location: downwind |
So, if compiling the kernel with gcc, and if using the usual Puppy kernel-compile sequence of make distclean make clean (or, in lieu of the above, make mrproper) make menuconfig make make modules_install ...the -fno-delete-null-pointer-checks CFLAG should be invoked, by appending it to the line which sets HOSTCFLAGS in the top-level kernel Makefile--for example, in 2.6.31.6, changing the line in /usr/src/linux-2.6.31.6/Makefile from
. This will prevent (knock on wood) *any* similarly-introduced null pointer problem from opening the vulnerability (heh...famous last words...) |
||||||||
|
|||||||||
|
|||||||||
Kirby
 Joined: 28 Dec 2009 Posts: 52 Location: Oregon, US |
AAAArgh I was feeling all smug this morning because I was thinking I was Mostly safe from Malware and such. Last night I downloaded a small "Free" piece of software on my Puppy to install on my Old XP box to try and network my new Ancient IBM Thinkpad running win95 to XP . I have to do this because it's now the only way to transfer files over to it via a Direct Cable Connection. Well Low and behold soon as I executed the file it installed a nasty Virus on the XP box. At least it had the decency to inform me right away! LOL I am reformatting it as I write this. I came on here to see if there were any Puplets made just for Virus scanning and such when I saw the new thread on Rootkits in Puppy! I quickly ran to the kitchen for my colander and neatly wrapped it in tin foil to prepare for battle! After much reading in here I guess it just comes down to playing it safe with some preparation and luck. If I had virgin hardware, plenty of software protection and never let my computer get on the net or swap files with another, perhaps I would be at very low risk. But Life is only fun when there is some risk involved so I guess it goes with the territory to some extent. This exploit on the Kernel brings up another question for me now. Does the feature "Trim the Fat" when installing Pets also create this vulnerability as well? PS. Would it be safer to use an IBM mainframe from the mid 60's using only a card reader to get on the net? Or would they use the Y2k Bug to "Poke Holes" in it too? Kirby _________________ "When you come to your cross roads, step off the road and go down the path of your own making". ~Bohemian proverb~ *edit* "When you're lost in the woods from straying from the road, Always be sure to carry a Flashlight!" ~Improved Bohemian Proverb~ |
||||||||
|
|||||||||
|
|||||||||
|
Lobster
Official Crustacean Joined: 04 May 2005 Posts: 15109 Location: Paradox Realm |
That's the spirit. Puppy is at the stage were it has to consider the security aspects and we may have to create a wiki page on custom building a colander. Anybody use Wardog - or is telling us a security risk? http://greylodge.org/gpc/?cat=145 _________________ Puppy WIKI |
||||||||
|
|||||||||
|
|||||||||
Clever attack exploits fully-patched Linux kernel
| Page 1 of 1 [13 Posts] |
|
|
View previous topic :: View next topic |
|
Forum index » Off-Topic Area » Security |
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum You cannot attach files in this forum You can download files in this forum |
Powered by phpBB © 2001, 2005 phpBB Group