Re: [Jack-Devel] Fwd: Re: jackaudio.org website shut down due to hacking

Prev	Next Index
Date	Mon, 02 Jun 2014 08:54:10 -0400
From	Paul Davis <[hidden] at linuxaudiosystems dot com>
To	Graham Goode <[hidden] at gmail dot com>
Cc	JACK <[hidden] at lists dot jackaudio dot org>
In-Reply-To	Graham Goode Re: [Jack-Devel] Fwd: Re: jackaudio.org website shut down due to hacking
Follow-Up	[hidden] at trellis dot ch Re: [Jack-Devel] Fwd: Re: jackaudio.org website shut down due to hacking

On Mon, Jun 2, 2014 at 3:45 AM, Graham Goode <[hidden]> wrote:

> And if you didn't, here is the WayBackTime Machine's backup from
> February 2014...
>

If the issue was just backups, it wouldn't have been much of an issue. But
when I read the break-in/exploit code, it was clear that the people
responsible had either already modified SQL tables or had the capacity too.

Dreamhost makes it more or less impossible to run the web server as
different user from the owner of static files, and in a case of poor system
admin, the same SQL user is used for DB access as for DB creation.

So having access to the files/pages/drupal nodes is one thing (we still
have/had that before the hack, they just added pharma spam), but the site
was fundamentally unsafe because there is no way of knowing what they put
into the DB, or how long ago this crack was added.

--p

Prev	Next Index

1401713659.24151_0.ltw:2, <CAFa_cKnLVjwUpffJRc=rYs8vmge70N3_vcSA44iNnYkZUFFKxA at mail dot gmail dot com>