A malfeasant hacked into a server where the source code repository for the Linux kernel resides and injected a clever exploit into the source. They wrote the code such that any program calling a particular system function with a certain set of flags would gain root access to the machine. Fortunately, the hack was sniffed out through a regular a file integrity check and some subsequent digging. The most ingenious part is that the hack only comprised two lines of code, and was camouflaged as the common = != ==
mistake that programmers make all the time.
Brilliant but evil
A malfeasant hacked into a server where the source code repository for the Linux kernel resides and injected a clever exploit into the source. They wrote the code such that any program calling a particular system function with a certain set of flags would gain root access to the machine. Fortunately, the hack was sniffed out through a regular a file integrity check and some subsequent digging. The most ingenious part is that the hack only comprised two lines of code, and was camouflaged as the common
= != ==
mistake that programmers make all the time.Commentary
Previous post
The single party systemNext post
The politics of history