[ISN] Server breach likely to delay Gnome

From: InfoSec News (isn@private)
Date: Wed Mar 24 2004 - 04:03:21 PST


    http://news.com.com/2100-7349_3-5178168.html
    
    By Robert Lemos 
    Staff Writer, CNET News.com
    March 23, 2004
    
    The Gnome Project said Tuesday that its servers have apparently been
    breached, potentially delaying the latest release of its desktop
    system for Linux.
    
    In an e-mail alert sent Tuesday, the managers of the project told
    developers that they had found evidence indicating that the server
    hosting Gnome.org had been breached. Gnome and its rival KDE provide
    the two major desktop systems used on computers running the Linux
    operating system.
    
    "We are investigating further and will provide updates as we know
    more," Owen Taylor, a member of the Gnome system administration team
    and a software engineer for Red Hat's desktop group, stated in a
    two-paragraph advisory on the Gnome Announcements mailing list. "We
    hope to have the essential services hosted on the affected machine up
    and running again as soon as possible."
    
    The short message also stated that the administrators believed the
    source code repository, which contains the current development work on
    Gnome software, was unaffected by the breach.
    
    A member of the Gnome development team said that the next version of
    the software, Gnome 2.6, will likely be delayed a few days while the
    project members investigate the breach. The software was scheduled to
    be released on Wednesday.
    
    "We don't expect any significant effect on Gnome development," the
    team member said on condition of anonymity. "Because it happened right
    before the 2.6 release, we'll probably have to push (the release) back
    a few days but that should be all."
    
    The apparent trespass is the latest blow for the security of
    open-source development projects.
    
    In November, the servers for two Linux projects--Debian and
    Gentoo--were compromised. Earlier the same month, an attacker managed
    to gain access to a server that mirrored the latest version of the
    code for the Linux kernel. And in March and December separate attacks
    on servers hosting software under development by the GNU Project, the
    source of much of the free software used by Linux, successfully
    breached those systems.
    
    Members of the Gnome Project noticed some "suspicious processes
    running on the Gnome.org" server, said the developer. An investigation
    revealed several files in a temporary directory that led the team to
    believe that someone was able to run commands and to search for
    vulnerabilities.
    
    "As far as we know at this point no damage was done other than the
    loss of services while we clean up and get things back in place," said
    the team member. "We're, of course, investigating thoroughly to make
    sure that we know the full extent of the break-in and will provide a
    full update to the community when we finish that."
    
    
    
    