[sf-lug] Hacked RHEL4/PHP4 server

Kristian Erik Hermansen kristian.hermansen at gmail.com
Thu May 22 12:26:12 PDT 2008


On Thu, May 22, 2008 at 11:36 AM, Rick Moen <rick at linuxmafia.com> wrote:
> Not except on operating systems that need to run code in the boot
> sector (etc.) of target operating systems merely to mount them.  Legacy
> MacOS was one such -- leading to some clever malware.  Unixes, however,
> are not, not even (to the best of my understanding) OS X.

But now I probe you further :-)  What happens if I corrupt the file
system intentionally, and I hold an 0day for fsck?  I know you will be
mounting within Linux, and that fsck is vulnerable to some issue in
its interpretation of this file system.  This scenario is not
unreasonable, and exactly such a situation affected Mac OS X's fsck
utility when interpreting a malformed UFS file system.  Now I ask you,
are you feeling any more safer today?  ;-P
-- 
Kristian Erik Hermansen
--
"When you share your joys you double them; when you share your sorrows
you halve them."




More information about the sf-lug mailing list