Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > alt.os.linux > #81071
| Path | csiph.com!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!eternal-september.org!.POSTED!not-for-mail |
|---|---|
| From | John Hasler <john@sugarbit.com> |
| Newsgroups | alt.os.linux |
| Subject | Re: What do you make of this reported Linux back door? |
| Date | Fri, 28 Feb 2025 08:09:46 -0600 |
| Organization | Dancing Horse Hill |
| Lines | 15 |
| Message-ID | <87jz9ama8l.fsf@sugarbit.com> (permalink) |
| References | <vprpii$1qo1r$1@news.usenet.ovh> |
| MIME-Version | 1.0 |
| Content-Type | text/plain |
| Injection-Date | Fri, 28 Feb 2025 16:08:05 +0100 (CET) |
| Injection-Info | dont-email.me; posting-host="1f59ed5cd5706270b74ed0f196d217a2"; logging-data="3912441"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX19Yz9EsFVlXUQs2C1arIbOm2YbI/IeJaWo=" |
| User-Agent | Gnus/5.13 (Gnus v5.13) |
| Cancel-Lock | sha1:1y/rttJ4hzKBYy5UnIxE97hZptg= sha1:s53t9LVPaRfgW3qAo4rQSng92dg= |
| Xref | csiph.com alt.os.linux:81071 |
Show key headers only | View raw
From the link: "the file is intended to run explicitly by the victim on their Linux machine." It must also be run as root. Therefor this malware is not by itself a vulnerability: obviously any program you run as root can do anything. This thing is just a payload for an attack. The actual vulnerability, if any, is the method by which the user is induced to run the thing as root. -- John Hasler john@sugarbit.com Dancing Horse Hill Elmwood, WI USA
Back to alt.os.linux | Previous | Next — Previous in thread | Next in thread | Find similar | Unroll thread
What do you make of this reported Linux back door? Hank <hankrobins@notspam.uk> - 2025-02-28 08:45 +0100
Re: What do you make of this reported Linux back door? "Carlos E.R." <robin_listas@es.invalid> - 2025-02-28 13:06 +0100
Re: What do you make of this reported Linux back door? Lawrence D'Oliveiro <ldo@nz.invalid> - 2025-03-02 00:38 +0000
Re: What do you make of this reported Linux back door? John Hasler <john@sugarbit.com> - 2025-02-28 08:09 -0600
Re: What do you make of this reported Linux back door? "J.O. Aho" <user@example.net> - 2025-02-28 18:00 +0100
Re: What do you make of this reported Linux back door? Adrian Caspersz <email@here.invalid> - 2025-03-04 18:29 +0000
Re: What do you make of this reported Linux back door? "J.O. Aho" <user@example.net> - 2025-03-04 22:51 +0100
Re: What do you make of this reported Linux back door? "Carlos E.R." <robin_listas@es.invalid> - 2025-03-05 00:05 +0100
csiph-web