"SquirrelMail Repository Poisoned" (slashdot)

Adam Tkac atkac at redhat.com
Wed Dec 19 21:31:54 UTC 2007


On Wed, Dec 19, 2007 at 07:09:07PM +0000, Paul Vixie wrote:
> could something like this happen in BIND and go unnoticed?
> 
> http://it.slashdot.org/article.pl?sid=07/12/18/1847233
> 

More interesting question will be if something like that happen to
BIND how many systems will be affected? I'm interested how many people
check signatures of tarball. I have to say I also sometimes don't
check signature :( . This should be good example why always check
signatures. I also think when admins use some type of MAC mechanism
(like AppArmor or SELinux on Linux systems) they should be protected
against such flaws. Good reason why use them.

Adam

-- 
Adam Tkac, Red Hat, Inc.


More information about the bind-workers mailing list