Sunday 11 January 2015

Security Vulnerability Found In North Korea's Own OS

Security Vulnerability Found In Red Star OS
From a technological perspective, North Korea is a country that runs on its own operating system, Red Star OS. First introduced in 2003, it was originally derived from Red Hat Linux to improve the level of security against outside attacks.
Now an anonymous security researcher has identified a mistake (flaw) in the permission settings on a key file that allows anyone with access to the system to run commands as root. "Red Star 3.0 desktop ships with a world-writeable udev rules '/etc/udev/rules.d/85-hplj10xx.rules' which can be modified to include 'RUN+=' arguments executing commands as root by udev.d," the researcher wrote.
The flaw would allow any user to elevate their privileges and bypass the North Korean government's security policies.
Udev.d is a generic kernel device manager that can identify hardware "hot-plugged" into a Linux system. The rules file determines how to handle the events associated with the connection of a new device and can include commands to be launched when certain devices are connected; these commands run with system-level privileges. The "85-hplj10xx.rules" file is the ruleset associated with drivers for USB-connected devices and is common to most Linux distributions.
Because the permissions on that file are set as "world writable," any user, regardless of permission level, could change the rules to activate them for any device and execute any command they wanted with system-level privileges.
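A defender can check for this class of misconfiguration by auditing a udev rules directory for files that non-root users can modify and listing the `RUN` commands those files carry. The following Python is an added example, not code from the researcher's report or the original post; the function names, the `trusted_uid` parameter and the sample rule contents are assumptions constructed for illustration.

```python
import os
import re
import stat
import tempfile

# Matches udev RUN assignments such as RUN+="..." or RUN{program}+="..."
RUN_KEY = re.compile(r'\bRUN(?:\{[^}]*\})?\s*\+?=\s*"([^"]*)"')

def audit_rules_dir(rules_dir, trusted_uid=0):
    """Return (path, reason, run_commands) for rules a non-root user could alter."""
    findings = []
    # A world-writable directory lets any user drop in a new rules file.
    if os.stat(rules_dir).st_mode & stat.S_IWOTH:
        findings.append((rules_dir, "directory is world-writable", []))
    for name in sorted(os.listdir(rules_dir)):
        path = os.path.join(rules_dir, name)
        st = os.lstat(path)
        if not stat.S_ISREG(st.st_mode):
            continue
        problems = []
        if st.st_mode & stat.S_IWOTH:
            problems.append("world-writable")
        if st.st_mode & stat.S_IWGRP:
            problems.append("group-writable")
        if st.st_uid != trusted_uid:
            problems.append(f"owner uid {st.st_uid} is not {trusted_uid}")
        if problems:
            # Show which commands udev would run from the exposed file.
            with open(path, errors="replace") as fh:
                runs = RUN_KEY.findall(fh.read())
            findings.append((path, ", ".join(problems), runs))
    return findings

def demo():
    """Audit a constructed rules directory (sample data, not from a real system)."""
    with tempfile.TemporaryDirectory() as d:
        bad = os.path.join(d, "85-hplj10xx.rules")
        good = os.path.join(d, "60-example.rules")
        with open(bad, "w") as fh:
            fh.write('ACTION=="add", SUBSYSTEM=="usb", RUN+="/usr/bin/example-helper"\n')
        with open(good, "w") as fh:
            fh.write('KERNEL=="sd*", SYMLINK+="disk/%k"\n')
        os.chmod(bad, 0o666)   # the misconfiguration described above
        os.chmod(good, 0o644)  # expected permissions
        os.chmod(d, 0o755)
        # The temp files belong to the current user, so treat that uid as trusted here.
        found = audit_rules_dir(d, trusted_uid=os.getuid())
        return [(os.path.basename(p), why, runs) for p, why, runs in found]

if __name__ == "__main__":
    print(demo())
```

On a real system the function would be pointed at `/etc/udev/rules.d` with the default `trusted_uid=0`.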
The researcher also discovered a similar file permission error in Red Star OS 2.0's desktop version, one that is easier to abuse: it affects the system configuration file for Linux's rc utility, which manages the operating system's boot-up. That vulnerability would allow anyone to add commands to be executed during system boot, a great way to ensure that surveillance software or other malware loads up persistently.
This story reminds us of a fact: "Nobody is fully protected from cyber attacks".
