Security hole found in Linux
Programmers identify a vulnerability in the heart of Linux that could let people take control of their own systems--even if they don't have privileges to do so.
The vulnerability affects
Reader Resources TechRepublic | ||||
The problem could let "local" computer users--those with permission to log on to a machine--to gain "root" access and take complete control of the machine, Cox said. Such local vulnerabilities are considered less severe than remote ones that let attackers over a network take over a machine even if they don't have a basic user account on it.
The problem affected the "ptrace" component of Linux, which is used to help find bugs in software.
Cox
A recent spate of security problems have cropped up in several open-source programs. Earlier this week, programmers disclosed a vulnerability in the Samba package used to share files between Windows, Linux and Unix systems that could let attackers across a network take over a computer. In addition, a recent problem in the Sendmail e-mail server software opened up the possibility of network-based attacks.