Re: Wiretapping Linux?
From: Chase Venters
Date: Tue May 16 2006 - 16:48:34 EST
On Tue, 16 May 2006, Måns Rullgård wrote:
Chase Venters <chase.venters@xxxxxxxxxxxx> writes:
The thing is that there is enough peer review in the open source world
that not only would it be *difficult* to slip in some intentionally
malicious code (and I don't think any malicious code of much potential
would be likely to make it past LKML, especially if it doesn't closely
adhere to CodingStyle :P) but it would not be long before someone
Some details on a real attempt: http://kerneltrap.org/node/1584
Wow. Did anyone ever find out who edited CVS, and how they did it? (I
assume David Miller didn't have anything to do with it :P)
Yeah, so to wrap this malware conversation up -- the most effective way to
implant malicious code in Linux is to crack into developer machines and
sneak the changes in.
And hope that someone doesn't notice.
The original poster speaks of spyware - I think spyware would end up being
a few lines more than a fake current->uid test(set). So it's not proper to
say malicious code couldn't be inserted into Linux; rather, it's just not
very likely to get anything very complicated in there. The bigger the
elephant, the harder it is to dress it up as an elf.