Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Security

Grinch Vulnerability Could Put a Hole In Your Linux Stocking 118

Posted by timothy
from the pretty-generic-description-there dept.
itwbennett writes In a blog post Tuesday, security service provider Alert Logic warned of a Linux vulnerability, named grinch after the well-known Dr. Seuss character, that could provide attackers with unfettered root access. The fundamental flaw resides in the Linux authorization system, which can inadvertently allow privilege escalation, granting a user full administrative access. Alert Logic warned that Grinch could be as severe as the Shellshock flaw that roiled the Internet in September. Update: 12/19 04:47 GMT by S : Reader deathcamaro points out that Red Hat and others say this is not a flaw at all, but expected behavior.

Comment: "Individually and Collectively" ? (Score 1) 515

by davecb (#48586501) Attached to: Once Again, Baltimore Police Arrest a Person For Recording Them
I don't know if you can do so in the US, but in Canadian law you can seem to be able to sue both an individual and the body of which he is a part. Strong unions or companies usually pay to defend their members and try to pay any fines, but if the offence is serious enough, the union or employer won't be able to afford it, and the individual will be punished despite their efforts. This can be use by good people against bad, or bad people against good, it doesn't matter: as an example, people sue city councillors and the city all the time.

Comment: Re:5th Admendment? (Score 1) 446

by davecb (#48510807) Attached to: 18th Century Law Dredged Up To Force Decryption of Devices
Yes: it's a so-called "writ of assistance" or "general warrant". They keep being outlawed, and keep coming back. The RCMP said they retired their last general warrant just a few years ago, but the government of the day seems to trying to recreate a subset for people who use the internet...

Comment: It has to be a crime in NZ, too (Score 1) 166

by davecb (#48492939) Attached to: Kim Dotcom Faces Jail At Bail Hearing

Countries will extradite their citizens if they've been charged with a crime, but it has to be a crime in both countries, and it needs to be of some severity. Parking tickets aren't enough to get me extradited from Canada, even though not paying them is a misdemanor. Similarly, charging me with blasphemy in Iran and asking for me to extradited won't work either.

NZ needs to have made copyright infringement an indictable offence, and they need to have done so before Mr Dotcom was charged.

If not, and if they wish to get rid of him, they need to ensure somehow that he doesn't have a lawyer, and then hope he can't defend himself adequately.

Comment: Re:The real reason? The ISPs want court orders (Score 3, Informative) 187

by davecb (#48487703) Attached to: Music Publishers Sue Cox Communications Over Piracy
Rightscorp is arguably afraid ISPs will refuse to cut off people under the DMCA unless a judge has ruled in a legitimate court proceeding that the person has infringed multiple times. They now propose to saddle ISPs with massive, expensive and interminable legal proceedings unless the ISP agrees to cut people off on mere accusation.

Comment: And as such, is actionable. (Score 1) 173

by davecb (#48427785) Attached to: US Gov't Seeks To Keep Megaupload Assets Because Kim Dotcom Is a Fugitive
Lawyers often study "conflict of laws", where law A says "X is a crime" and B says "do X". Good legal draftsmen will therefor say something like "not withstanding A, do X", but not everyone is a good draftsman(/woman/shark). It would be amusing and very embarassing to charge a district attorney with possession of stolen property (;-))

I have yet to see any problem, however complicated, which, when you looked at it in the right way, did not become still more complicated. -- Poul Anderson

Working...