Linux Today: Linux News On Internet Time.

More on LinuxToday

Security breach on kernel.org

Aug 31, 2011, 23:42 (2 Talkback[s])

"Earlier this month, a number of servers in the kernel.org infrastructure were compromised. We discovered this August 28th. While we currently believe that the source code repositories were unaffected, we are in the process of verifying this and taking steps to enhance security across the kernel.org infrastructure.

What happened?

Intruders gained root access on the server Hera. We believe they may have gained this access via a compromised user credential; how they managed to exploit that to root access is currently unknown and is being investigated.
Files belonging to ssh (openssh, openssh-server and openssh-clients) were modified and running live.
A trojan startup file was added to the system start up scripts

...We are also currently auditing all security policies to make kernel.org more secure, but are confident that our systems, specifically git, have excellent design to prevent real damage from these types of attacks.

Complete Story

Related Stories: