[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Backport of the integer overflow in the brk system call

On Tue, Dec 02, 2003 at 05:19:22PM -0800, Tom wrote:

> Smartcards would have avoided the Debian compromise: merely having a 
> compromised DD box would have prevented bad guy from getting on the box.
> It's all about layers of defense.
> I think the DD's should seriously think about requiring smartcards.  It 
> would have prevented the proxmiate cause of our recent troubles.

You must be joking.  If the developer's system is compromised, and he logs
into another system after that time, that system can be easily compromised

 - mdz

Reply to: