Government spooks helped Microsoft build Vista
Ian Petersen
ispeters-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org
Mon Jan 15 21:22:58 UTC 2007
> Given that Linux is open source, it'd be hard for them to hide something
> in it.
Given that the kernel is a couple of million lines of code, it might
be easier than you think. The hard part is getting it past Linus (and
his various lieutenants), but, IIRC, this has happened before.
Certainly someone has tried. I remember something about some code
that tried something similar to this:
if ((currentUserId = 0)) {
// benign-looking code
}
The extra parentheses around the assignment silences the compiler, and
you're left hoping that a human reviewer catches the fact that you're
assigning zero, not comparing to zero. I can't remember if this
particular exploit ever made it into the wild, but I'm certain it was
submitted for review.
Ian
--
Tired of pop-ups, security holes, and spyware?
Try Firefox: http://www.getfirefox.com
--
The Toronto Linux Users Group. Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
More information about the Legacy
mailing list