Subject: Re: auto update vulnerability?
From: Greg Madden (pabi@gci.net)
Date: Tue Apr 09 2002 - 08:11:07 AKDT
On Mon, 2002-04-08 at 23:10, bryan@ak.net wrote:
>
> There's a very interesting article at:
> http://www.cs.berkeley.edu/~nweaver/0wn2.html
>
> While it doesn't mention Linux (or *NIX) by name, I wonder if
> what it describes is a vulnerability of systems like debian's
> apt-get or freebsd's ports tree.
>
> Any input from more experienced users than myself?
>
> --
> Bryan Medsker
> bryan@ak.net
When I read it I thought of Windows boxes.As far as Debian goes all the
packages have md5sums & are signed by their maintainers. I don't know
how secure the Debian system reallly is but I know they go through a few
steps to try & make it so.
-- Greg Madden Precision Air Balance, Inc. email:pabi@gci.net Phone:(907)276-0461 Fax:(907)258-0461-- Attached file included as plaintext by Listar -- -- File: signature.asc -- Desc: This is a digitally signed message part
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org
iD8DBQA8sxKbk7rtxKWZzGsRAqlfAJ9x8x/9BGZvxP+UkGcwFIrocVtYKQCfeqFr proVA/WC1RP9iUNhR8iXCrY= =FOPL -----END PGP SIGNATURE-----
--------- To unsubscribe, send email to <aklug-request@aklug.org> with 'unsubscribe' in the message body.
This archive was generated by hypermail 2a23 : Tue Apr 09 2002 - 09:27:26 AKDT