Contributed by jose on from the checksums-are-just-for-this-purpose dept.
how does this affect both the base system and ports? since the intruder had root access on the box, checksums should mean a big zero, what does one do to make sure their beloved boxes are safe?"
Don't forget that the checksums the ports tree uses are held on OpenBSD servers, not the compromised distfile server. Secondly, the checksums are widely distributed, so someone is bound to spot it (as they did with other backdoored distfiles). Thirdly, this is exactly what the systrace patch for the ports tree is for.
(Comments are closed)
By jose () on http://monkey.org/~jose/
Comments
By Nate () on
Also a bit of a pain to have to throw out food that may/may not be good still/ever.
By krh () on
By Anonymous Coward () on
NO CARRIER
Comments
By map-ip-to-name () nobody@localhost on http://phrack.efnet.ru/phrack/opencult/