[linux-elitists] Rooted kernel.org hosts (was: PJ takes her victory lap)

Rick Moen rick at linuxmafia.com
Wed Aug 31 20:31:18 PDT 2011


Quoting Rick Moen (rick at linuxmafia.com):

> In other news, here.kernel.org was recently determined to be hax0red, and 
> Jon C. kindly explained to journos why the sky remains determinedly unfallen.
> https://www.linux.com/news/featured-blogs/171-jonathan-corbet/491001-the-cracking-of-kernelorg

Typo; I knew full well that the hostname is 'hera', but my fingers were
in rebellion.

Anyway, cross-posting my query from LWN:


I'm curious about two points not (to my knowledge) yet covered, probably
for the simple reason that there hasn't been enough time for proper
forensics:

1. What was the escalation path to root?

2. Completely aside from the git repo contents, were the downloadable
*.tar.[gz|bz2] source archives trojaned? Are there any non-site-local
mechanisms in place to detect such tampering (other than, of course, the
fact that the Linux Kernel Archives OpenPGP key is well known, and some
of us bother to check the *.tar.[gz|bz2].sign files)?
