“Dirty Cow” is the common name given to Linux vulnerability CVE-2016-5195. It is a “privilege escalation” that allows a non-root user to gain root access on a system. An attacker must have system access first, as a normal user. Then they use the bug to obtain root rights. It is dangerous and should be patched.
The Linux kernel itself was fixed in October 2016. Since then, Linux vendors have all released patches. Many Internet articles suggest addressing the bug by doing a general system update. While that might be fine for a test machine or Linux desktop, it isn’t ideal for a production server. This article describes how to fix the bug in the least invasive way possible – by updating the kernel only. Continue reading →
This article discusses some of the workings of open source software with particular reference to the Linux kernel and GNU. It will explain some of the processes involved for those of us who know Linux but are not software engineers. Perhaps you are an Linux administrator or enthusiast, but find yourself unsure of terms such as upstream, downstream, mainline, patch, merge and other words developers love to bandy ? Read on.
Open Source Software
If you are a Linux user, you might be familiar with installing software using yum or apt-get. For example Continue reading →