"SquirrelMail Repository Poisoned" (slashdot)
Adam Tkac
atkac at redhat.com
Wed Dec 19 21:31:54 UTC 2007
On Wed, Dec 19, 2007 at 07:09:07PM +0000, Paul Vixie wrote:
> could something like this happen in BIND and go unnoticed?
>
> http://it.slashdot.org/article.pl?sid=07/12/18/1847233
>
More interesting question will be if something like that happen to
BIND how many systems will be affected? I'm interested how many people
check signatures of tarball. I have to say I also sometimes don't
check signature :( . This should be good example why always check
signatures. I also think when admins use some type of MAC mechanism
(like AppArmor or SELinux on Linux systems) they should be protected
against such flaws. Good reason why use them.
Adam
--
Adam Tkac, Red Hat, Inc.
More information about the bind-workers
mailing list