OpenSSH Trojan

Rob 'Feztaa' Park feztaa at shaw.ca
Thu Aug 1 15:31:22 PDT 2002


Alas! Dan Eriksen spake thus:
> On Thu, 1 Aug 2002 20:18:12 +0200 Matthias Benkmann
> <matthias at winterdrache.de> wrote:
> > Lesson to learn: NEVER EVER build as root.
> 
> If an attacker has any brains, wouldn't he add his exploit to the make
> install section? So before anyone installs anything they should really
> be reading through the install target, but that can be a huge job when
> there are many directories. So most don't.

I think the REAL lesson to be learned here is that you should always
wait a good week or two before installing updates. That way somebody
else finds the problems, and you don't have to worry about them.
Mwuahahahhahahah! ;)

-- 
Rob 'Feztaa' Park
http://members.shaw.ca/feztaa/
--
FACILITY REJECTED 100044200000;
-- 
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe lfs-security' in the subject header of the message



More information about the lfs-security mailing list