Kernel.org, home of the Linux kernel source code, was reportedly the victim of a security breach last week.
According to ReadWriteWeb and a note on the kernel.org homepage, an unknown intruder or intruders gained root access to the site"s main server, known as Hera, as well as a number of other servers.
They made a number of changes to files related to SSH services, added a trojan to startup scripts on a number of systems and logged some user interactions with the breached servers. The upshot, however, is this: there is apparently next to no chance the Linux kernel itself was compromised by the attack, which was discovered on August 28.
According to the site note, that"s because each of the nearly 40,000 files within the kernel are protected by a secure SHA-1 hash every time a file is modified. Any changes made by a hacker or hackers would be immediately apparent to the site"s administrators, developers and members, though a check is still underway on each and every file to ensure nothing has been modified.
As for how the attack occurred, the leading theory at the moment is that a user"s login credentials were stolen, though how the attacker gained root access is still under investigation. In the meantime, all compromised servers have been taken offline and all kernel.org servers will be reimaged to a known safe backup. Authorities in the United States and Europe have also been notified of the attack.
While the breach is likely to result in more than a few headaches for the site"s administrators, it is unlikely to have any serious ramifications for the Linux community beyond a reminder that while no security system is entirely secure, a well-designed backup system can often save the day.
Image Credit: Wikipedia