Linux Exploit Liability? Backspace 28 times to get in…Really?
Recent headlines on a new Linux exploit have been spectacular:
- How to hack any Linux machine just using backspace
- Exploit Logs You Into Linux Systems After Hitting Backspace 28 Times
- Log into most any Linux system by hitting backspace 28 times
The vulnerability lies within the Grub2 bootloader, a password management system used by some Linux systems upon startup. Unpatched, the exploit would cause the system to reboot or bring up a Grub rescue shell granting the user a full set of admin privileges — within the rescue function only.
What is the real danger? Ryan Chewning, DataYard Linux Systems Administrator, sees these as largely sensational pieces. “The exploit requires physical access to the Linux system, first and foremost,” he says. “Additionally, it is my experience that the feature being attacked is not widely used in the first place.”
Our bottom line? If you’re hosting in DataYard’s managed Linux environments, you need not worry. Physical access is controlled and systems are constantly updated with all necessary security patches.
As always, if you have any questions or concerns, please let us know!