Crackers strike Gentoo Linux server, code unharmed
In the latest of what is becoming a string of high-profile attacks on Linux, someone broke into one of the servers used to distribute versions of Gentoo Linux on Tuesday.
Officials at Gentoo Technologies Inc. on Wednesday posted a message in the company's online forums detailing the attack. The executives sought to reassure users and said they don't believe that the code stored on the server was affected by the compromise. The server is owned by a third party, which uses it to perform other tasks in addition to storing the Gentoo code.
The officials said the box is one of several that are part of a rotation of servers used to synchronize and update users' versions of Gentoo. The company uses a unique technology known as portage, which allows users to download new packages and updates to the operating system by synchronizing their machines against the current build housed on the Gentoo servers. The company removed the compromised server from the rotation.
[ Read more ]
- Advisory: rsync.gentoo.org rotation server compromised (4 December 2003)
- News: Linux users: are you at risk from kernel exploit? (3 December 2003)
- News: Kernel exploit cause of Debian compromise (2 December 2003)
- News: Debian attacker may have used new exploit (1 December 2003)
- News: Debian Project machines have been compromised (22 November 2003)
- Review: HackNotes Linux and Unix Security Portable Reference (24 October 2003)