Hashemian Blog
Web, Finance, Technology, Running

What The Linux Ghost Bug Teaches

by @ 6:07 pm
Filed under: computers,hacking — Tags:

A couple of weeks ago it was revealed that a known Linux bug, Ghost (short-ish for the gethostbyname() function in the older glibc library versions) is riskier than previously thought. So the internet became abuzz with warnings to those who might not have updated their Linux distros.

I have several versions of Fedora running on various machines and updating them was simply not an option. Unfortunately they are also too old and patches are no longer available. But here comes the beauty of Linux, the open source code model. Combine that with a virtual server like Hyper-V and you have all the tools you need to create the patch yourself.

This is what I did to create patches for one of my platforms:

  • Created a guest virtual machine on the virtual server.
  • Downloaded the needed version of Fedora from this archive.
  • Installed the OS on the guest machine.
  • Downloaded the appropriate source code version of glibc. rpmfind.net is a good place to find many source code packages.
  • After installing all tools and libraries necessary to compile and build glibc, I used this StackExchange post as a guide to patch the C files based on the documented modifications and built the rpm package.
  • After installing and testing the newly built glibc library on the guest machine, I copied the rpm files to the production machine and installed them.
  • After a reboot, the bug was patched.

C code

Now many would object to running an older and unsupported version of Linux for production but I am not so sure that jumping to every new version as soon it is released contributes to additional safety. Staying with older versions does make the job of patching these sorts of bugs more cumbersome, but there's something to be said about the educational value of patching these bugs at more basic levels than just running the yum or apt-get commands. I, for one, learned quite a bit from this exercise.

 

No Comments »

 

* Comments are subject to Akismet and manual approval.

Powered by


Read Financial Markets  |   Home  |   Blog  |   Web Tools  |   News  |   Articles  |   FAQ  |   About  |   Privacy  |   Contact
Donate Bitcoin: 1K9TzBvQ2oaEb4tX9t2vKDtZouMcpfV6QF
paypal.me/rhashemian
© 2001-2019 Robert Hashemian   Powered by Hashemian.com