Gentoo Was Compromised On GitHub


  • #11
    Originally posted by hussam
    What did the hackers do? downgrade the CFLAGS in the ebuilds?
    ROFL, this is my favorite thing on the Internet at the moment.



    • #12
      TBH I believe the attack timing is suspect, maybe someone in their team doesn't like the M$ buyout.



      • #13
        Originally posted by leigh123linux
        TBH I believe the attack timing is suspect, maybe someone in their team doesn't like the M$ buyout.
        Exactly, it was an inside job.



        • #14
          When is the 'rm -rf /' executed? Because this might still be true:
          > Does the fact that root is owner on some ccache subfolders suggest that
          > ccache is run as root at some point?
          It definitely ran as root. With FEATURES=userpriv, some phases (such as pkg_setup) still run as root, so it looks like one of these other phases called the compiler. [...]

          Well, you can't stop the compiler from being called during phases that run as root. [...] It should not be a security issue, as long as you don't grant "portage" group access to untrusted users.
          Source: https://bugs.gentoo.org/show_bug.cgi?id=492910#c5



          • #15
            I believe you can use Gentoo's gitweb repo too. I stay clear of GitHub unless it's the only way.

            git://anongit.gentoo.org/repo/gentoo.git

            I have my own 'build' service where I sync from Gentoo (git/distfiles/etc...) and not GitHub. GitHub is how you get noticed; GitLab, cgit and gitweb seem sufficient for a lot of use cases, imo.
            Last edited by pcxmac; 29 June 2018, 04:16 AM.



            • #16
              When is the 'rm -rf /' executed? Because this is likely still true today:
              > Does the fact that root is owner on some ccache subfolders suggest that
              > ccache is run as root at some point?
              It definitely ran as root. With FEATURES=userpriv, some phases (such as pkg_setup) still run as root, so it looks like one of these other phases called the compiler.
              [...]
              Well, you can't stop the compiler from being called during phases that run as root. [...] It should not be a security issue, as long as you don't grant "portage" group access to untrusted users.
              Source: https://bugs.gentoo.org/show_bug.cgi?id=492910#c5



              • #17
                Originally posted by makam
                Oh no, Microsoft has already started hacking all the good distros.

                Obviously they will pin it on someone else.
                It's wrong to think badly of someone, but you're very often right...



                • #18
                  Originally posted by ihatemichael
                  I suspect we are going to start seeing more and more of these attacks, this is how GitHub begins to die.
                  Without knowing the cause/reason for this attack, why are we suggesting that this has any impact on GitHub's future, or has anything to do with Microsoft?

                  Speculation is worthless at this stage; it's ultimately a compromised credential and nothing special in that regard.



                  • #19
                    With GNU rm, "rm -rf /" doesn't do anything but print a warning.



                    • #20
                      Originally posted by makam
                      Oh no, Microsoft has already started hacking all the good distros.

                      Obviously they will pin it on someone else.
                      You went full retard, man. Never go full retard.
