Linked by Jordan Spencer Cunningham on Mon 14th Jun 2010 23:58 UTC
Bugs & Viruses Recently, the Linux version of UnrealIRCd was discovered to have had a Trojan worm its way into the source code. Even more embarrassing for the developers of Unreal is that the Trojan's been holding open the backdoor in the source code since November of 2009-- not very recently. And, of course, bloggers and press in general are taking the opportunity of another breach in Linux security to point out doomsday devices that don't really exist.
Permalink for comment 430071
To read all comments associated with this story, please click here.
Member since:

I would like to add, it's not a perfect system, their are humans involved, they make mistakes.

But at the end of the day, you are putting software together from different sources. They should probably be contained as much as possible, also from each other.

And maybe you automate this a bit more and I hope we can improve on it. But eventually it will originate from a human being. A programmer. The Linux-kernel programmers use git to keep track of the origin of every single line of code that goes in to the kernel and every line is reviewed.

If we verify everything along the way into the distributions and the tools check the packages and files at (regularly and) at installation time, then that is probably the best thing we can do.

Reply Parent Score: 2