 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
On Apr 27, 2011, at 9:50 AM, Edward Ned Harvey wrote: > > Difficult, but certainly not impossible if verification is disabled. Unless there is something that I am missing, an attack of this sort is simple in an environment with automated updates. Take a Debian system using cron-apt to install security updates. I can identify what is currently installed with 'dpkg -l'. From this and a mirror copy I can identify what will be installed during the next update. Determining the update schedule is as simple as looking at /etc/crontab. By default, anacron on Debian runs the cron.daily scripts at 6:25 AM. So, with less than 2 minutes work I know what and when. Now I can pick an executable that I know will be (re)started as root, and there are plenty to choose from. Let's say apachectl. The only difficulty is working up an exploit with a matching hash before 6:25 AM tomorrow. --Rich P.
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
