* Jean Christophe ANDR? ([EMAIL PROTECTED]) wrote: > Le vendredi 28 novembre 2003 à 12h06 (+0100), Boris Stanislavski écrivait : > > Subject: more details on the recent compromise of debian.org machines > > Date: Fri, 28 Nov 2003 01:04:00 +0000 > > http://lists.debian.org/debian-devel-announce/2003/debian-devel-announce-200311/msg00012.html > > It says "Somehow they got root [...]", does anybody yet know how?
Did you *read* what they said? > May be because of the last screen local privilege escalation...? > See there: http://www.secunia.com/advisories/10310/ That should only gain group utmp privs on Debian systems, at least from what I can tell. Not sure of the difficulty of going from that to root. Stephen
signature.asc
Description: Digital signature
