[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <65CDE812-02A8-492B-B724-F5B6DDEAE486@gmail.com>
Date: Sun, 13 May 2007 23:07:25 -0700
From: Andrew Farmer <andfarm@...il.com>
To: Tremaine Lea <tremaine@...il.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Linux big bang theory....
On 13 May 07, at 21:24, Tremaine Lea wrote:
> This might be a bit hard for you to understand, but no OS is
> impossible to break.
>
> If you think that's the case with OSX, you haven't been keeping up
> very well at all.
>
> And before you get your knickers in a bunch, *I* use OSX.
Yep. All that I was pointing out was that this script happens to
break under OS X, because it makes assumptions that aren't true
outside a Linux system. This doesn't mean that it couldn't be
modified to work correctly, though.
This script really doesn't prove anything, though. All it shows is
that a compromised machine can be difficult to impossible to clean
properly - which has been known for a *long* time. Ken Thompson
discussed a much cleverer one in "Trusting Trust". It's also worth
noting that this is in no way specific to UNIX systems. It's simply
an unalterable fact that, once an attacker has had full access to the
machine, it's possible for them to make changes which will allow them
reentry at a later date.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists