“Security holes are not uncommon in the software industry. But a
recent vulnerability discovered in a Red Hat (RHAT) Linux product
has refueled the debate over the security of open-source
software.”
“Internet Security Systems’ research division discovered in
mid-April that Piranha, a collection of utilities used to
administer the Linux Virtual Server in the latest version of Red
Hat Linux, ships with a default password. If the password is not
reset, a malicious hacker could use it to make changes to Web pages
on the server and possibly bootstrap to other servers on the
network that might have vulnerabilities, says Chris Rouland,
director of the ISS research division that calls itself the
‘X-Force.’”
“ISS has since helped Red Hat fix the problem. The default
password was ‘simply overlooked in quality assurance and not
removed,’ Rouland says, adding that such oversights illustrate a
flaw in the security model of open-source software, in which many
independent developers adapt and add to the product’s code.”
“‘There’s limited quality assurance in the open-source
environment,’ says Rouland, ‘because open-source software is
basically a bunch of people’s hobby.’”
Web Webster