LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - News > Syndicated Linux News
Reload this Page LXer: Critical Linux vulnerability imperils users, even after silent fix
User Name
Password
Syndicated Linux News This forum is for the discussion of Syndicated Linux News stories.

Notices


Reply
  Search this Thread
Old 05-16-2013, 02:50 PM   #1
LXer
LXer NewsBot
 
Registered: Dec 2005
Posts: 128,284

Rep: Reputation: 118Reputation: 118
LXer: Critical Linux vulnerability imperils users, even after silent fix

Published at LXer:

For more than two years, the Linux operating system has contained a high-severity vulnerability that gives untrusted users with restricted accounts nearly unfettered "root" access over machines, including servers running in shared Web hosting facilities and other sensitive environments. Surprisingly, most users remain wide open even now, more than a month after maintainers of the open-source OS quietly released an update that patched the gaping hole.

Read More...
 
Old 05-16-2013, 08:24 PM   #2
jefro
Moderator
 
Registered: Mar 2008
Posts: 21,974

Rep: Reputation: 3623Reputation: 3623Reputation: 3623Reputation: 3623Reputation: 3623Reputation: 3623Reputation: 3623Reputation: 3623Reputation: 3623Reputation: 3623Reputation: 3623
It has never been a high issue with linux to force security or rather "enforce" security by default. I just look back in time to when nothing had any security on it at all. What were we thinking? It is way past time to correct that mistake.


Good reason to be using a FreeBSD kernel??
Last edited by jefro; 05-16-2013 at 08:27 PM.
 
Old 05-17-2013, 02:45 AM   #3
H_TeXMeX_H
LQ Guru
 
Registered: Oct 2005
Location: $RANDOM
Distribution: slackware64
Posts: 12,928
Blog Entries: 2

Rep: Reputation: 1301Reputation: 1301Reputation: 1301Reputation: 1301Reputation: 1301Reputation: 1301Reputation: 1301Reputation: 1301Reputation: 1301Reputation: 1301
Code:
bash-4.2$ compile semtex.c 
bash-4.2$ ./semtex 
semtex: semtex.c:51: sheep: Assertion `!close(fd)' failed.
Aborted
bash-4.2$ grep 'CONFIG_PERF_EVENTS' /boot/config
CONFIG_PERF_EVENTS=y
bash-4.2$ uname -r
3.4.45
I suppose this means it didn't work ...
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Critical Java vulnerability made possible by earlier incomplete patch LXer Syndicated Linux News 0 01-12-2013 03:12 PM
LXer: Critical vulnerability in Ruby on Rails parameter parsing LXer Syndicated Linux News 0 01-09-2013 09:10 AM
LXer: Mozilla confirms critical vulnerability in Firefox 3.5 LXer Syndicated Linux News 0 07-15-2009 06:00 PM
LXer: Rumours of critical vulnerability in OpenSSH in Red Hat Enterprise Linux LXer Syndicated Linux News 0 07-08-2009 11:20 PM
LXer: Linux Users - You Have The Right To Remain Silent, Anything You Say... LXer Syndicated Linux News 0 08-28-2007 10:10 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - News > Syndicated Linux News

All times are GMT -5. The time now is 11:33 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration