A glitch called “Grinch” after the perennially loathed yet beloved Dr. Seuss cartoon character has recently been found laying low in the depths of Linux source code. It has the catastrophic potential to let bad guys to seize remote control of any and all devices based on the platform. Including Android mobiles, which at their core have Linux roots planted in their software.
By “remote control” IT network security provider Alert Logic means total, unrestricted command over any data stored on liable systems, plus the ability to install and execute trojans and other malware contents from a distance.
The way Grinch works is by allowing access to the su (aka super user) command, and letting unauthorized individuals manipulate the wheel group assigned by default to the legit admin of the system. This results in privilege escalation which ultimately gives the attacker full access to all system functions.
That sounds a lot like Shellshock’s mischievous capacity. However, according to Stephen Coty, Alert Logic’s Chief Security Evangelist, Linux admins and users can dodge attacks and remove all risk by implementing stronger methods of authentication and authorization.
Users can do this through PolKit, a policy management tool in Linux. To be frank, the settings users need to change to thwart to the Grinch are a bit over our heads, so we recommend you check out this recently broadcasted webinar about the “Grinch” flaw.
If you take authorization one step forward, and switch the default wheel assignment, you should stay clear of the green baddie with a heart two sizes too small, and enjoy your holidays in peace. Probably. Most likely. Hopefully.