The Grinch That Tried to Exploit Linux
A security vendor alleges there's a vulnerability in the Linux kernel. Developers disagree, but ironically an unrelated critical bug was found.A new report has emerged of an alleged security flaw in the Linux kernel that is being named the "Grinch," after the character from Dr. Seuss' classic "The Grinch Who Stole Christmas" story. In this case, however, the Grinch might not be a risk at all though, ironically, on the same day the Grinch was reported, a real Linux vulnerability unrelated to the Grinch was, in fact, disclosed and patched. The Grinch flaw was reported by Stephen Cody, chief security evangelist at Alert Logic. Cody alleges that the Grinch flaw enables users on a local machine to escalate privileges. Leading Linux vendor Red Hat, however, disagrees that the Grinch issue is even a bug and instead notes in a Red Hat knowledge base article that the Grinch report "incorrectly classifies expected behavior as a security issue." The original security researcher that reported the Grinch found that if a user logs into a Linux system as the local administrator, the user could run a certain command that would enable the user to install a package, explained Josh Bressers, lead of the Red Hat Product Security Team. "Local administrators are trusted users," Bressers told eWEEK. "This isn't something you hand out to everybody."
If the user is logged into a physical computer as the local administrator, there are certain actions that are expected that the local administrator should be able to do without needing to type in a password, Bressers said. One such action is the ability to install software from a trusted software repository. "The reason for that is if you are sitting at the physical computer, you could physically install software, use a hammer and screwdriver, or do other things to the machine," Bressers said. "So it's not considered a trust boundary."