Re: A question about Knark and modules
At 2:17 Uhr +0200 19.6.2001, Ethan Benson wrote:
what if the attacker can poisen your DNS, or routing tables? then he
can trick apt into downloading his 37337 `security update' (more like
unsecurity update heh)
Yes, but that's a problem anyway, isn't it? In fact it's a question I
have about debian (I'm relative newbie to debian): is there no way to
make .deb's with signatures? Do I have to parse the security-announce
list mail to get signed md5 hashes to check the downloaded deb's? If
so, is there no script doing this already? If yes, the I just wrap
this one, so the cracker could merely prevent updates from taking
get root, run passwd root, ssh in.
But if the passwd command doesn't itself have the rights to access
/etc/shadow but only the root login shell has (which only runs if
called through sshd), then the cracker would have to know your root
passwd before being able to change it.