Major Linux security hole gapes open

Discussion in 'all things UNIX' started by Minimalist, Nov 15, 2016.

  1. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    13,765
    Location:
    Slovenia
    http://www.zdnet.com/article/major-linux-security-hole-gapes-open/
     
  2. Anonfame1

    Anonfame1 Registered Member

    Joined:
    May 25, 2016
    Posts:
    224
    Just fyi, the same article also says:
    A pretty big deal to be sure- someone without backups could see someone use root to delete their system. This is pretty much a non-factor in computers though- if they really wanted to hose your install, they could simply remove the drive, hook it up to their computer and then wipe the drive clean. Still, this makes it easier and is unnecessary.

    **EDIT** Well, if access is terminal in nature (where they cant access the drive but can access keyboard), this is pretty bad. Also, they wouldnt need to connect your drive externally to delete the partition if you dont have a bootup password (either in the bootloader or via UEFI/BIOS); the easiest way to protect yourself is a power on password and update as soon as your distro drops a fix (wont protect you if they reset CMOS using hardware techniques, but then they might as well remove the drive first).
     
  3. Amanda

    Amanda Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    2,098
    Location:
    Brasil
    Yet ANOTHER Debian crypto problem? :mad:

    (This issue is probably only present in Debian. I could not reproduce it in Arch, and other users have reported not being able to reproduce it in Fedora).
     
  4. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    This seems silly. Just secure console access. If someone has physical access, you're hosed anyway.

    Also, this ...
    ... is just plain wrong. If the system isn't encrypted, you can get root in single-user mode, and change the root password ;)
     
  5. Anonfame1

    Anonfame1 Registered Member

    Joined:
    May 25, 2016
    Posts:
    224
    Its still a really silly thing to do. I mean it would allow people to hose your install if you dont have a hard drive password or boot password... That said, given what you say about someone having physical access, I agree.
    I used ABS and took a look at how Arch does it- it looks to me (could be wrong) that it just loops over and over and over again asking for the password- doesnt appear to ever drop to a shell.
     
  6. Gullible Jones

    Gullible Jones Registered Member

    Joined:
    May 16, 2013
    Posts:
    1,466
    And here I was panicking because I'd just set up LUKS.... But @mirimir is correct, this article is pure garbage. Local console only, doesn't give any access to encrypted data, and applies for all systems with an initramfs anyway.

    Don't trust your computer if it's fallen into malicious hands, etc. Literally nothing new here.
     
  7. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Maybe there's an escape key.
     
  8. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,390
  9. Gullible Jones

    Gullible Jones Registered Member

    Joined:
    May 16, 2013
    Posts:
    1,466
    OMG. Author of that article doesn't know the difference between grub-install and update-grub. *bangs head on keyboard*

    Also I'm not convinced the additional kernel parameter 'panic=5' will do anything useful. That's to make it reboot after 5 seconds *if the kernel panics*. This flaw doesn't involve a kernel panic, just exiting the boot process and getting a busybox shell in the initramfs.

    It would be nice if tech journalists did the bare minimum of research before just parroting stuff!
     
  10. Amanda

    Amanda Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    2,098
    Location:
    Brasil
    Oh boy, haven't you learned anything on all those years of yours? :argh:

    Journalism is that: mostly not researched stuff, with a ton of political bias, with a ton of sensationalism, with a little cherry on top from those few people who own all the media.
     
  11. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    2,272
    One thing this article and others dealing with the subject has assured me of: I am very glad that I pull /boot from my computers. Of course any physical access to a machine allows for complete manipulation of unencrypted /boot. BUT - if that is on a stick in my pocket I am not too concerned. LOL!! Plus, before I go anywhere at all, I always checksum my MBR's as well. All other sectors are beyond their reach.

    For now I'll avoid the bios discussion.
     
  12. Amanda

    Amanda Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    2,098
    Location:
    Brasil
    I'm not too concerned. I decided to throw all the paranoia away and just have an encrypted OS for privacy in case one of my tech-savy friends decide to sniff my documents. Inside the encrypted partition I have a backup of my GPT and /boot first sectors, complete boot partition, and /dev/sda2 first sector backup as well (the encrypted partition). If in doubt I just boot up the Arch ISO, mount the encrypted partition, and overwrite these with the backups.

    Thinking that somehow a multi-gazillion dollar agency will come after me is just ridiculous :p So I don't do that anymore. My firewall now is just protecting the income, not the outcome. I don't use GRSec anymore until 4.10 comes.
    I'm very happy, relaxed, and can focus on other things now instead of feeling anxious about a 0.000001% chance scenario.
     
  13. Gringo95

    Gringo95 Registered Member

    Joined:
    May 7, 2009
    Posts:
    126
    This type of sensationalist garbage comes around on a regular basis as if the so called journalists share a rota for it. What surprises me though is just how many folks think some North Korean is manually searching for a back door into their PC. The real secret to desktop security is learning to realize just how unimportant you are to the world. Those with an ego will always suffer from security based paranoia whilst the rest of us just switch on our machines and enjoy the experience.
     
  14. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    9,840
    Good point Gringo, good point.
    Mrk
     
  15. quietman

    quietman Registered Member

    Joined:
    Dec 27, 2014
    Posts:
    511
    Location:
    Earth .... occasionally
    Seconded !

    Whenever I start reading articles such as the earlier one from zdnet , I let out a heavy sigh ( often just a mental one )
    Is this serious , is it credible , is it going to affect me and others around me ?

    Not so much a kernel panic as "journo panic " then , or a journalist trying to create "reader panic"

    Why do they not do their research ?
    Because to do so takes time and effort , and doesn't necessarily boost the paycheck
    ( it doesn't boost their professional credibility either , but that appears to be much less important to them )

    Always the pressure to make headlines ....
    " Never let the facts get in the way of a good story "
    Clearly as true today as it ever was.

    @Gullible Jones
    " I'm not convinced the additional kernel parameter 'panic=5' will do anything useful "

    It will not .... it should read 'journo panic=5'

    .... Wait 5 seconds before booting the journalist :)
     
    Last edited: Nov 24, 2016
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.