Fixing Linux

106
Article Source Cyber Cynic
August 20, 2009, 10:04 am

Everything has security problems, even Linux. An old and obscure problem with the gcc compiler was recently discovered to have left a security hole in essentially every version of Linux that anyone is likely to be running. Here’s what you need to know about fixing it.

The problem itself was discovered by Brad Spengler, the hacker behind the open-source network and server security program, grsecurity. What he found was that in some network code, there was a procedure that included a variable that could be set to NULL (no value at all). Now, this didn’t appear to be a problem because the programmer also included a test which would return an error-message if the variable turned out to have a NULL value…

Read More