[ISN] Server breach likely to delay Gnome

InfoSec News isn at c4i.org
Wed Mar 24 07:03:21 EST 2004


http://news.com.com/2100-7349_3-5178168.html

By Robert Lemos 
Staff Writer, CNET News.com
March 23, 2004

The Gnome Project said Tuesday that its servers have apparently been
breached, potentially delaying the latest release of its desktop
system for Linux.

In an e-mail alert sent Tuesday, the managers of the project told
developers that they had found evidence indicating that the server
hosting Gnome.org had been breached. Gnome and its rival KDE provide
the two major desktop systems used on computers running the Linux
operating system.

"We are investigating further and will provide updates as we know
more," Owen Taylor, a member of the Gnome system administration team
and a software engineer for Red Hat's desktop group, stated in a
two-paragraph advisory on the Gnome Announcements mailing list. "We
hope to have the essential services hosted on the affected machine up
and running again as soon as possible."

The short message also stated that the administrators believed the
source code repository, which contains the current development work on
Gnome software, was unaffected by the breach.

A member of the Gnome development team said that the next version of
the software, Gnome 2.6, will likely be delayed a few days while the
project members investigate the breach. The software was scheduled to
be released on Wednesday.

"We don't expect any significant effect on Gnome development," the
team member said on condition of anonymity. "Because it happened right
before the 2.6 release, we'll probably have to push (the release) back
a few days but that should be all."

The apparent trespass is the latest blow for the security of
open-source development projects.

In November, the servers for two Linux projects--Debian and
Gentoo--were compromised. Earlier the same month, an attacker managed
to gain access to a server that mirrored the latest version of the
code for the Linux kernel. And in March and December separate attacks
on servers hosting software under development by the GNU Project, the
source of much of the free software used by Linux, successfully
breached those systems.

Members of the Gnome Project noticed some "suspicious processes
running on the Gnome.org" server, said the developer. An investigation
revealed several files in a temporary directory that led the team to
believe that someone was able to run commands and to search for
vulnerabilities.

"As far as we know at this point no damage was done other than the
loss of services while we clean up and get things back in place," said
the team member. "We're, of course, investigating thoroughly to make
sure that we know the full extent of the break-in and will provide a
full update to the community when we finish that."





