|
News News regarding BSD and related. |
|
Thread Tools | Display Modes |
|
|||
IRC server had backdoor in source code for months
From http://www.h-online.com/security/new...s-1020987.html
Quote:
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump |
|
|||
For an update see http://www.h-online.com/security/new...e-1020987.html
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump |
|
|||
I noticed that gentoo, who gets positive coverage in the login; article below for the way they sign packages, was at one point serving up the compromised source, while debian never packaged it, not because signatures or hashes alerted them to irregularities but because certain debian developers had bad feelings about the reliability of the source. That isn't to pick on Gentoo, but it fits very well with the sort of things you sometimes read in openbsd-ports or Bruce Schneier articles about technological measures verses social factors.
http://www.usenix.org/publications/l...dfs/samuel.pdf http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=515130 |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Source code management system Darcs 2.4 released | J65nko | News | 0 | 3rd March 2010 12:42 AM |
explore source code for installed program | bsdnewbie999 | OpenBSD General | 1 | 23rd February 2009 06:13 AM |
Trying to compile GLUT source code on freebsd. | welkin | Programming | 0 | 11th January 2009 03:15 PM |
Google released Android source code | graudeejs | Off-Topic | 1 | 22nd October 2008 10:02 PM |
Source code for ed? | matt | FreeBSD Ports and Packages | 1 | 21st October 2008 08:18 PM |