• danielfgom
    link
    fedilink
    English
    4910 months ago

    On the upside they are helping secure Linux because now the the appropriate action can be taken to prevent this in future.

    I’m sure a security patch has already been released. The Linux community normally addresses these things very quickly.

    • @Lmaydev@programming.dev
      link
      fedilink
      English
      2010 months ago

      I’m all for looking on the bright side but this is a bit much lol

      Linux users online tend to get very high and mighty every time another OS has a sucurity bug. But it’s a good thing for Linux hehe

      • @ElderWendigo@sh.itjust.works
        link
        fedilink
        English
        2110 months ago

        Linux users online tend to get very high and mighty every time another OS has a sucurity bug. But it’s a good thing for Linux hehe

        That’s because illuminating security vulnerabilities is VERY GENERALLY a good thing for an open source community driven software that can be more agile than closed and private code bases that are GENERALLY entrenched in a corporate structure slowed by all of the inertia inherent in those systems.

            • @Lmaydev@programming.dev
              link
              fedilink
              English
              210 months ago

              This process initiates with Linus Torvalds, wherein, he releases a new kernel and then opens a 2-week merge window. During this merge window, he pulls the code for the next release from subsystem maintainers. Subsystem maintainers send signed git pull requests to Linus either during the merge window or before

              • @SuddenlyBlowGreen@lemmy.world
                link
                fedilink
                English
                310 months ago

                No, that’s just for development discussion and code versioning. Nothing the end-user needs to touch or see.

                End users update their system with commands/through interfaces or they receive automatic updates, depending on their system.

    • Shadow
      link
      fedilink
      English
      1510 months ago

      There’s no actual vuln here is there? It’s just a persistent backdoor that hides with some elf and kernel tricks.

      • danielfgom
        link
        fedilink
        English
        110 months ago

        Sure. I’m not excusing it, just saying now they we know about it, at least it can get patched. Nothing worse than having a security hole going unpatched for years.