LinuxSA Mailing list archives
From: Andrae Muys <a.muys@mailbox.uq.edu.au>
To : Dale Long <dalel@loftuscomp.com.au>
Date: Wed, 25 Nov 1998 14:24:05 +1000 (GMT+1000)
Re: Linux Security
On Wed, 25 Nov 1998, Dale Long wrote:

> What are people's opinions and experiences of some of the security
> issues that have been revealing themselves recently. For example, on
> rootshell.com, one can find reference to "shit.c".

This reemergence of the SIGIO exploit is beginning to annoy me. This
attack was published in July, and was patched in 2.0.35 on the 13th of
July. In fact the fix was so trivial I was able to fix it myself (the
advantage of OSS), one change to one line was all that was required ---
granted this broke a few programs, and the final fix in .35 was more
extensive (correct, and comprehensive :).

My dislike of rootshell stems not from their full disclosure policy (such
sites are both inevitable, and important), rather their failure to provide
links/information for fixes to the exploits they publish.

If you are truly interested in finding information about security issues,
rootshell should be one of the last places you should visit. It is useful
only for finding code/scripts for exploits, not for information. You
would be far better off checking out a Bugtraq, or CERT mailing list
archive. Or checking linuxhq for specific bug fixes contained in various
kernel releases (SIGIO was the first listed fix in .35).

If you want to penetrate systems, rootshell is a useful site. If you want
the information required to defend yourself, there are better places to
go.

Andrae Muys
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Andrae Muys "Never ascribe to malice that which is adequately
andrae@humbug.org.au explained by incompetence." - Napoleon Bonaparte