For everyone: one of the members of this forum likes to claim that some CentOS+BlueQuartz systems (like StrongBolt) have security holes, and this user recently sent me a file that attempts to exploit a security hole that has been well-understood in Linux kernels for some time. (You can read the details on this hole, the CVE-2006-2451 prctl() privilege escalation vulnerability, at http://secunia.com/advisories/20953 )
This bug affects all versions of Linux (not just CentOS, which is based on RedHat) prior to 2.6.17. (For what it's worth, this class of bug has popped up over and over in the history of Unix -- I first saw it in V7 Unix in about 1979!)
There are a couple of take-aways here:
1) This bug does not affect most yum-updated versions of CentOS+BQ, which have updated kernels;
2) If you have a web-server appliance on which you allow random, untrusted users to run gcc or load and run arbitrary executables, you are asking for trouble. If you're not sure -- don't allow random users to run code!
3) Don't believe the scare-mongering you hear around here, especially when it involves "secret evidence" -- most security exploits are well-known and documented, so the bad guys know them, and you'd better as well.
4) This is one bug -- there are many, and many more in older versions of Linux. The Cobalt Raq4 OS is based on Linux 2.2, so who knows how many bugs it still contains?
So let's drive a stake through the heart of this one -- there is nothing less secure about a CentOS+BlueQuartz system than any other modern RedHat Enterprise Linux system out there. Do your own research, and look to multiple sources for your info.
Last edited by gnetwerker; 02-05-2008 at 10:13 PM.
It's very true that "CentOS+BlueQuartz" systems have been patched for this via CentOS updates. However, my point was that StrongBolt never patched his kernel since the first one they made and thus are vulnerable to this hack.
The way it works is:
Somebody does a brute force attack and gets a user account. Or they just log in with the user test and passwd test, and if they get a shell they can run the hack and have root access. If they don't have a shell, they ftp a shell program and/or script to the user's web directory and automate getting root or installing the root kit they like...
Now I do make good money on these boxes, but I just couldn't live with myself letting people think they are safe... when they are certainly not.
The Root Exploit is public at this time.
I don't know of any Root Exploits for Cobalt 2.2 kernels at this time and I have the kernel src.rpm ready to accept any bugfixes... If a hole does develop I can patch it right away and post the updated kernel... or a nice stable 2.4 kernel is ready too!!
If you want a 100% secure system, then follow these simple instructions:
1) Place computer in a secure EMI-shielded room;
2) Remove or disable removable media, block USB ports, etc;
3) Unplug the computer from any networks and modems;
4) Strip-search any users before entering and leaving the room.
For even greater security, do not allow any users, and for the ultimate in security, unplug the computer from the wall.
On the other hand, if you want a usable system, then use a modern operating system and take normal precautions. And if someone tries to convince you to run Linux 2.2 (originally released over seven years ago) rather than a modern OS like (e.g.) Linux 2.6.20, then run the other way.
Indeed, if anyone tries to tell you that system security is primarily a kernel issue, laugh in their face, as they clearly do not know what they're talking about.
You have made a joke out of this forum and the webhosting talk rules by spamming StrongBolt in every thread you can; it doesn't matter what the thread is about, you post your StrongBolt advertisements even knowing that it contains multiple security holes. Real nice.