* Ptrace flaw could leave Linux open to unauthorised users A flaw in Linux code was reported last week that could leave servers or workstations vulnerable to being taken over by users attached to affected machines over a LAN.The bug involves ptrace, a function used to trace and debug Linux processes. The vulnerability in ptrace could allow someone with a legitimate user account to obtain root privileges, giving the user full access for making changes to a Linux server configuration. And that, to paraphrase Egon from Ghostbusters, “would be bad.”Luckily, remote or unauthorized users without an account cannot exploit the ptrace bug. According to reports, Linux kernel Versions 2.2 and 2.4 are affected.The flaw was discovered by Alan Cox, one of the first programmers to work on Linux with its inventor Linus Torvalds. While not earth-shattering, the recent ptrace vulnerability announcement should be a reminder to Linux sysadmins to stay on their toes, since attacks on Linux-based systems are on the rise, according to London security firm mi2g.As one example, the firm found that defacements of Web sites running Linux were up 30% in 2002 over the previous year, while Microsoft Web site hacks were down around 20% over the same time. The firm still holds Microsoft as the “most vulnerable” operating system, accounting for around 43% of the 1,162 new software vulnerabilities found last year, but Linux was second with 17%. Related content how-to Doing tricks on the Linux command line Linux tricks can make even the more complicated Linux commands easier, more fun and more rewarding. By Sandra Henry-Stocker Dec 08, 2023 5 mins Linux news TSMC bets on AI chips for revival of growth in semiconductor demand Executives at the chip manufacturer are still optimistic about the revenue potential of AI, as Nvidia and its partners say new GPUs have a lead time of up to 52 weeks. By Sam Reynolds Dec 08, 2023 3 mins CPUs and Processors Technology Industry news End of road for VMware’s end-user computing and security units: Broadcom Broadcom is refocusing VMWare on creating private and hybrid cloud environments for large enterprises and divesting its non-core assets. By Sam Reynolds Dec 08, 2023 3 mins Mergers and Acquisitions news analysis IBM cloud service aims to deliver secure, multicloud connectivity IBM Hybrid Cloud Mesh is a multicloud networking service that includes IT discovery, security, monitoring and traffic-engineering capabilities. By Michael Cooney Dec 07, 2023 3 mins Network Security Network Security Network Security Podcasts Videos Resources Events NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe