[Dshield] SuSe Backdoors?
Johannes B. Ullrich
jullrich at sans.org
Tue Mar 2 03:20:18 GMT 2004
> I've heard rumors that SuSe has built-in backdoors,
Heard from whom? The MSFT salesguy ;-)...
I don't know of any backdoor in SuSe or any other Linux
distribution. While it is of course possible (I haven't
reviewed the code), it is unlikely, given that the source
code is open.
SuSe comes precompiled for various platforms. So unlike source
based distros (gentoo, debian), you will have to do some extra
work to make sure that nothing changed in the process of
compilation. However, the exact source code used to build SuSe
is available for review (and to rebuild it to make sure that
the binaries you got are actually based on just this source code).
Ok. this has OS trashing potential. But anybody here remember
the Microsoft 'nsa-key' fiasco ;-).
CTO SANS Internet Storm Center http://isc.sans.org
phone: (617) 837 2807 jullrich at sans.org
contact details: http://johannes.homepc.org/contact.htm
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://www.dshield.org/pipermail/list/attachments/20040301/d963b2f8/attachment.bin
More information about the list