Now an anonymous security researcher has identified a mistake (flaw) in
permissions settings on a key file that allows anyone with access to
the system to run commands as root. "Red Star 3.0 desktop ships with a
world-writeable udev rules '/etc/udev/rules.d/85-hplj10xx.rules' which
can be modified to include 'RUN+=' arguments executing commands as root
by udev.d," the researcher wrote.
The flaw would allow any user to elevate their privileges and bypass the North Korean government's security policies.
Udev.d is a generic kernel device manager that can identify hardware
"hot-plugged" into a Linux system. The rules file determines how to
handle the events associated with the connection of a new device and can
include commands to be launched when certain devices are
connected—commands that are run with system-level privileges. The
"85-hplj10xx.rules" file is the ruleset associated with drivers for
USB-connected devices and is common to most Linux distributions.
Because the permissions on that file are set as "world writable," any user,
regardless of permission level, could make changes to the rules to
activate it for any device and execute any command they wanted with
system-level privileges.
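An audit for this class of misconfiguration, as an added example that is not part of the original article or the researcher's advisory: the script lists udev rules files with the world-write bit set and shows the RUN assignments in each. The function names and the second default directory (`/lib/udev/rules.d`) are assumptions; the sample remediation line assumes root ownership and mode 0644 are the intended settings.

```shell
#!/bin/sh
# Added audit example; not code from the article or from Red Star OS.

# Print each regular *.rules file directly inside the given directories
# that has the "other" write bit set, one path per line.
find_writable_rules() {
    for dir in "$@"; do
        if [ -d "$dir" ]; then
            find "$dir" -maxdepth 1 -type f -name '*.rules' -perm -0002 -print
        fi
    done
}

# Print the numbered, non-comment lines of a rules file that assign RUN,
# i.e. the commands udev would launch as root when the rule matches.
list_run_directives() {
    grep -nE '^[^#]*RUN(\{[a-z]+\})?[-+:]?=' "$1" || true
}

# Report every world-writable rules file together with its RUN lines.
# Returns 0 when nothing is found, 1 otherwise.
audit_udev_rules() {
    writable=$(find_writable_rules "$@")
    if [ -z "$writable" ]; then
        echo "OK: no world-writable udev rules files in: $*"
        return 0
    fi
    printf '%s\n' "$writable" | while IFS= read -r f; do
        echo "WORLD-WRITABLE: $f"
        list_run_directives "$f" | sed 's/^/    RUN at line /'
    done
    return 1
}

# Default to the directory named in the advisory plus /lib/udev/rules.d
# (the second path is an assumption about where vendor rules live).
[ "$#" -gt 0 ] || set -- /etc/udev/rules.d /lib/udev/rules.d
audit_udev_rules "$@" || echo "Remediate: chown root:root FILE && chmod 0644 FILE"
```

Pass one or more directories as arguments to audit locations other than the defaults.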
The researcher also discovered a similar file permission error in Red Star
OS 2.0's desktop version, which is easier to abuse - the system
configuration file for Linux's rc utility, which manages the operating
system's boot-up. That vulnerability would allow anyone to add commands
to be executed during system boot--a great way to ensure that
surveillance software or other malware loads up persistently.