Linux root flaw found, patch available

Mar 26, 2003

* Ptrace flaw could leave Linux open to unauthorised users

A flaw in Linux code was reported last week that could leave servers or workstations vulnerable to being taken over by users attached to affected machines over a LAN.

The bug involves ptrace, a function used to trace and debug Linux processes. The vulnerability in ptrace could allow someone with a legitimate user account to obtain root privileges, giving the user full access for making changes to a Linux server configuration. And that, to paraphrase Egon from Ghostbusters, “would be bad.”

Luckily, remote or unauthorized users without an account cannot exploit the ptrace bug. According to reports, Linux kernel Versions 2.2 and 2.4 are affected.

The flaw was discovered by Alan Cox, one of the first programmers to work on Linux with its inventor Linus Torvalds.

While not earth-shattering, the recent ptrace vulnerability announcement should be a reminder to Linux sysadmins to stay on their toes, since attacks on Linux-based systems are on the rise, according to London security firm mi2g.

As one example, the firm found that defacements of Web sites running Linux were up 30% in 2002 over the previous year, while Microsoft Web site hacks were down around 20% over the same time. The firm still holds Microsoft as the “most vulnerable” operating system, accounting for around 43% of the 1,162 new software vulnerabilities found last year, but Linux was second with 17%.