[svlug] OpenSSH source may be trojaned, unless...
Drew Bertola
drew at drewb.com
Thu Aug 1 16:07:02 PDT 2002
On Thu, Aug 01, 2002 at 04:33:51PM -0400, Bruce O. Benson wrote:
> On Thu, 1 Aug 2002, Drew Bertola wrote:
> > Let's say Sue runs Debian, but she just downloaded, built, and
> > installed the trojaned openssh. Is she ok?
>
> "apt-get install source ssh" retrieves safe non-trojaned OpenSSH source. So
> yes, Sue's OK.
Just to be argumentative beyond the point of useful (since everyone
else is doing it), this is not what you said. I'm not nit-picking.
Your original conclusion was that those running Debian were OK. I
wanted to point out that there was no inherent immunity to those
running Debian.
--
+---------------------- T h e C o o p . n e t ----------------------+
| Drew Bertola Hosting - Colocation Tel: 408-738-8337 |
| TheCoop.net Programming - Administration Mob: 408-887-0426 |
| drew at thecoop.net Open Source Specialists http://thecoop.net |
+-------------------------------------------------------------------+
More information about the svlug
mailing list