| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 03 Oct 2011 21:52:29 -0700 From: "H. Peter Anvin" <hpa@...or.com> To: "Ted Ts'o" <tytso@....edu>, Josh Triplett <josh@...htriplett.org>, linux-kernel@...r.kernel.org, Jiri Kosina <jkosina@...e.cz> Subject: Re: kernel.org status: establishing a PGP web of trust On 10/03/2011 09:49 PM, Ted Ts'o wrote: > > Note that if your laptop allows incoming ssh connections, and you > logged into master.kernel.org with ssh forwarding enabled, your laptop > may not be safe. So be very, very careful before you assume that your > laptop is safe. At least one kernel developer, after he got past the > belief, "surely I could have never had my machine be compromised", > looked carefully and found rootkits on his machines. > > - Ted By the way, I'm now pretty convinced that allowing inbound ssh on laptops (which is the default on all the mainline Linux distros as far as I know) is seriously broken... laptops get connected to *extremely* insecure networks on just way too regular a basis. -hpa -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists