"SquirrelMail Repository Poisoned" (slashdot)

Adam Tkac atkac at redhat.com
Wed Dec 19 21:31:54 UTC 2007

On Wed, Dec 19, 2007 at 07:09:07PM +0000, Paul Vixie wrote:
> could something like this happen in BIND and go unnoticed?
> http://it.slashdot.org/article.pl?sid=07/12/18/1847233

A more interesting question will be: if something like that happens to
BIND, how many systems will be affected? I'm interested in how many
people check the signatures of tarballs. I have to say I also sometimes
don't check the signature :( . This should be a good example of why to
always check signatures. I also think that when admins use some type of
MAC mechanism (like AppArmor or SELinux on Linux systems), they should
be protected against such flaws. A good reason to use them.


Adam Tkac, Red Hat, Inc.

