Date: Sat, 21 Jul 2001 18:24:00 -0400 From: "Brandon S. Allbery KF8NH" <allbery@ece.cmu.edu> To: "Chad R. Larson" <chad@DCFinc.com>, Mike Meyer <mwm@mired.org> Cc: Chris Faulhaber <jedgar@fxp.org>, Tom <tom@uniserve.com>, admin@kremilek.gyrec.cz, freebsd-stable@FreeBSD.ORG Subject: Re: probably remote exploit Message-ID: <37430000.995754239@vpn88.ece.cmu.edu> In-Reply-To: <20010721140425.B18907@freeway.dcfinc.com> References: <Pine.LNX.3.96.1010720174942.651C-100000@kremilek.gyrec.cz> <Pine.BSF.4.10.10107200923060.4917-100000@athena.uniserve.ca> <20010720111551.A12442@freeway.dcfinc.com> <20010720141820.C47930@peitho.fxp.org> <20010720140331.A12903@freeway.dcfinc.com> <15192.57986.777597.940024@guru.mired.org> <20010721140425.B18907@freeway.dcfinc.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Saturday, July 21, 2001 14:04:25 -0700, "Chad R. Larson" <chad@DCFinc.com> wrote: +----- | I still believe only the CVSup binary itself would have to be off a CD +--->8 Depends on the paranoia level, I guess. There could still be "evil" loadable kernel modules; the compiler could have been modified (see "Reflections on Trusting Trust"); there are *lots* of ways that someone could control the result of a buildworld, if they really wanted to. Complete certainty requires a nuke and full reinstall; anything less leaves room for someone to booby-trap the rebuild. That said, it'd be unusual if you even needed to do anything other than rebuild the world already present; skriptkiddiez don't usually do anything other than replace running binaries and config files. -- brandon s. allbery [os/2][linux][solaris][freebsd] allbery@kf8nh.apk.net system administrator [JAPH][WAY too many hats] allbery@ece.cmu.edu electrical and computer engineering KF8NH carnegie mellon university [linux: proof of the million monkeys theory] To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?37430000.995754239>