Re: Fedora Core 2 Test 2 - delayed


 



On Fri, 27 Feb 2004, Vincent wrote:

>> On Fri, 27 Feb 2004, Leonard den Ottolander wrote:
>> 
>> >How well scrutinized is this NSA code actually? Everybody can see they
>> >won't slip in an obvious backdoor, but how about nasty little overflows,
>> >tucked away deep inside the code, for which they already have exploits
>> >in their drawer?
>> 
>> Aside from rejecting SElinux merely due to conspiracy theories
>> alone, what would be your suggestion to ensure that this is not
>> the case?
>> 
>> If you really think about it, you can apply the same conspiracy 
>> theory to the Linux kernel, XFree86, and every other piece of 
>> software in the system.
>> 
>> There are quite a few security vulnerabilities found and fixed in 
>> OSS source code.  How can you truly be sure that a given 
>> vulnerability wasn't planted there intentionally?
>> 
>> Take the recent XFree86 security update which contains fixes for
>> libXfont.  Do we really know for sure that when Keith Packard 
>> wrote that 14 or so years ago, that he didn't intentionally put 
>> the buffer overflows in there, so that he could 0wn all machines 
>> running the X Window System 15 years later?  ;o)
>> 
>> You did upgrade X to the latest version right?  ;o)
>
>I thought Fedora wasn't vulnerable to that bug due to
>exec-shield. Packard never saw that one coming!

Correct, we've tested and confirmed that exec-shield blocks the 
libXfont attacks if enabled.  Unfortunately, I accidentally 
neglected to mention that in the erratum release notes for Fedora 
Core 1 XFree86 erratum.  ;o/



-- 
Mike A. Harris     ftp://people.redhat.com/mharris
OS Systems Engineer - XFree86 maintainer - Red Hat



