[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: A question about Knark and modules

At 2:17 Uhr +0200 19.6.2001, Ethan Benson wrote:
what if the attacker can poisen your DNS, or routing tables?  then he
can trick apt into downloading his 37337 `security update' (more like
unsecurity update heh)

Yes, but that's a problem anyway, isn't it? In fact it's a question I have about debian (I'm relative newbie to debian): is there no way to make .deb's with signatures? Do I have to parse the security-announce list mail to get signed md5 hashes to check the downloaded deb's? If so, is there no script doing this already? If yes, the I just wrap this one, so the cracker could merely prevent updates from taking place successfully.

get root, run passwd root, ssh in.

But if the passwd command doesn't itself have the rights to access /etc/shadow but only the root login shell has (which only runs if called through sshd), then the cracker would have to know your root passwd before being able to change it.


Reply to: