Kernel Breach Averted - Thanks to McVoy's Config Management System
Malicious hacker tries to change source code of the Linux kernel, thwarted by "BitKeeper" system
By: Linux News Desk
Nov. 10, 2003 12:00 AM
According to the release, this was the first known security breach to threaten the Linux kernel.
It was a "Trojan Horse" style of attack that, if not caught, could have allowed a local user to gain administrative privileges on a Linux operating system - privileges that typically enable someone to access confidential information from a company's internal machines, delete files, and tap into private e-mail accounts.
"This is the first known attempt to deliberately add a security flaw to Linux," said Ted Ts'o, a senior Linux developer and security expert. "The discovery of this breach underscores the importance of having a configuration management tool that verifies the integrity of the source code," he added.
BitKeeper - used to develop the Linux kernel, the MySQL database, the Xaraya content management system, and hundreds of commercial products worldwide - is a configuration management system produced by BitMover, Inc., a San Francisco-based company founded by Linux developer and configuration management expert, Larry McVoy.
"I am confident the security breach would have been caught before the code was released for general availability. But without BitKeeper, the error may have gone unnoticed for weeks or months, not hours," said McVoy, when asked about the incident.
"All code stored under the BitKeeper repository is routinely checked for integrity, a unique feature that ensures that disk, memory, or network corruptions haven't changed the original content," McVoy explained. "Last week, the BitKeeper integrity checks caught the breach believed to be created by a malicious hacker trying to change source code of the Linux kernel to include a security flaw known as a Trojan horse. Competitive configuration management tools don't have the same integrity checks," he observed, "and could have easily allowed the security breach to have entered the Linux operating system."