“As has recently been announced on the main kernel.org page, the
main kernel.org server (known as “hera”) was recently compromised
by an unknown intruder. This person was able to gain “root” access,
meaning they had the full run of the system. Speaking as just one
of many members of the kernel development community, I can say that
this episode is disturbing and embarrassing. But I can also say
that there is no need to worry about the integrity of the kernel
source or of any other software hosted on the kernel.org
systems.Kernel.org is, of course, the home for the Linux kernel. Many
other projects live there as well. On the face of it, that would
make kernel.org a tempting target for an attack. What
self-respecting cracker wouldn’t want an opportunity to place some
special code into the Linux kernel? Such code would, over time,
find its way into millions of machines worldwide. The injection of
backdoors or other malware is a concern for any software maintainer
– open source or otherwise – but it turns out that we are well
protected against that sort of attack.
The Cracking of Kernel.org
By
Get the Free Newsletter!
Subscribe to Developer Insider for top news, trends, & analysis