Linux is not OpenBSD, it's Linux. What happens there does not affect
OpenBSD. Likely at some point it will be revealed what happened. At
any rate it isn't germane to these lists.
--STeve Andre'
On 09/17/11 03:40, Daniel Villarreal wrote:
I'm still worried, though. There's some mystery involved, how did "they" get
root ?
http://isc.sans.edu/diary.html?storyid=11497
kernel.org is indicating "Down for maintenance." Ouch.
http://www.linuxfoundation.org/ has some information, but they're still
"investigating."
Looking at Linus' plus.google.com account doesn't give much information,
either.
Wondering when and if we can expect results on the compromise.
Hmm.
Daniel
On Wed, Sep 14, 2011 at 2:15 PM, Kevin Chadwick<[email protected]>wrote:
On Tue, 13 Sep 2011 22:38:27 -0700
lancebaynes87 wrote:
I love OBSD, and I don't want it to fail like kernel.org:
What happened, a ssh account password was stolen followed by local
privile;-Dge escalation.
They have said that as far as code goes, no harm was done. The worrying
part was how the admins handled the server afterwards (just reboot and
see what happens isn't exactly a strategy and could make things
much worse). I guess that's because they don't really care too much
about the server aside from functionality as the code is protected by
the developers many systems and eyes.
I'm also not sure if the hacked servers were running the website.
