-
Security Upgraded Knoppix
There are a number of critical security holes in any pre-September Linux code that handles JPEGs and BMPs. That includes Mozilla, gtk+2.0, gdk-pixbuf, kdelibs, and libpng.
See http://secunia.com/advisories/12526/, 12586, 12564, 12311, 12221. These holes have not been exploited as of 28 Sep 2004, but similar holes are being exploited in windoze now, and will certainly be a problem for Linux/Knoppix before Knoppix 3.8 is available.
I pass out hundreds of Knoppix disks per year, and don't want to pass out exploitable versions of Mozilla and others. I would like to remaster a Knoppix "version 3.6A". I can manage the Mozilla 1.7.3 upgrade, but I am not sure I can get all the libraries right, and if any recompiles are needed, I'm not sure I can find all the applications that are affected.
Is there anyone skilled and willing to work with me to remaster a more secure version of 3.6?
Keith Lofstrom (keithl at keithl dot com)
-
You bring up a question: why worry about it if the OS is running off a bootable CD? The OS itself can not be corrupted by an external attack.
For a third party to attack from the internet via this avenue, he would have to guess which version of Knoppix is being run, then how the particular user is storing his or her data on which kind of nonvolatile memory. It seems like an awful lot of work, for what?
-
Assume that there will be JPEG exploits for Mozilla 1.7.2. Thus, by running the browser and inadvertently looking at an infected site, you will get rooted, and the remote zombie the exploit talks to can read all necessary configuration information. exec( uname -a ) > mail > zombie, for example. The zombie can then select the appropriate rootkit for that version of Linux, and load quite a lot of executable scripts into whatever is writeable - ramdisk, mountable hard disk, operating kernel, whatever. Your hard disk can be scribbled on, your machine can be zombied, passwords and credit cards sent out, all sorts of mischief can be done.
Yes, you can return to status quo with a flick of the power switch - but how does the typical windoze user know when to do that? And it is not quite status quo; your information is on the zombie, and the zombie has put information on your hard disk. If it ever gets control again, it has a running start.
All this can be automated, and there is no protection beyond the read-only nature of the CD, since there is no root password. After the rooting, the CD can be ignored until the next reboot.
The typical Knoppix user is a Linux newbie, straight from windoze. I am giving them a Knoppix CD so they have an alternative to windoze, and most of them will actually use it a long time from now, when their windoze has become unusable, probably by enemy action. I don't want to compound their problems with something that can allow as much damage as windoze itself.