By “remote control” IT network security provider Alert Logic means total, unrestricted command over any data stored on liable systems, plus the ability to install and execute trojans and other malware contents from a distance.
The way Grinch works is by allowing access to the su (aka super user) command, and letting unauthorized individuals manipulate the wheel group assigned by default to the legit admin of the system. This results in privilege escalation which ultimately gives the attacker full access to all system functions.
That sounds a lot like Shellshock’s mischievous capacity. However, according to Stephen Coty, Alert Logic’s Chief Security Evangelist, Linux admins and users can dodge attacks and remove all risk by implementing stronger methods of authentication and authorization.
Users can do this through PolKit, a policy management tool in Linux. To be frank, the settings users need to change to thwart to the Grinch are a bit over our heads, so we recommend you check out this recently broadcasted webinar about the “Grinch” flaw.
If you take authorization one step forward, and switch the default wheel assignment, you should stay clear of the green baddie with a heart two sizes too small, and enjoy your holidays in peace. Probably. Most likely. Hopefully.
Editors' Recommendations
- What does the lock mean on Snapchat?
- How to create a calendar in Google Sheets
- This free service just hit a huge website security milestone
- Best Cyber Monday Deals 2022: Laptops, TVs, AirPods, and more
- These are the apps that have kept me glued to the Quest Pro
