Re: [Full-disclosure] Linux big bang theory....

From: Andrew Farmer <andfarm_at_nospam>
Date: Mon May 14 2007 - 06:07:25 GMT
To: Tremaine Lea <tremaine@gmail.com>

On 13 May 07, at 21:24, Tremaine Lea wrote:
> This might be a bit hard for you to understand, but no OS is
> impossible to break.
>
> If you think that's the case with OSX, you haven't been keeping up
> very well at all.
>
> And before you get your knickers in a bunch, *I* use OSX.

Yep. All that I was pointing out was that this script happens to break under OS X, because it makes assumptions that aren't true outside a Linux system. This doesn't mean that it couldn't be modified to work correctly, though.

This script really doesn't prove anything, though. All it shows is that a compromised machine can be difficult to impossible to clean properly - which has been known for a *long* time. Ken Thompson discussed a much cleverer one in "Trusting Trust". It's also worth noting that this is in no way specific to UNIX systems. It's simply an unalterable fact that, once an attacker has had full access to the machine, it's possible for them to make changes which will allow them reentry at a later date.

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

This message: [ Message body ]
Next message: KJKHyperion: "Re: [Full-disclosure] Linux big bang theory...."
Previous message: Just1n T1mberlake: "Re: [Full-disclosure] Linux big bang theory...."
In reply to: Tremaine Lea: "Re: [Full-disclosure] Linux big bang theory...."
Next in thread: Vincent Archer: "Re: [Full-disclosure] Linux big bang theory...."
Reply: Vincent Archer: "Re: [Full-disclosure] Linux big bang theory...."

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]