A SSH PAM module and a dedicated ssh session that cleans up after itself.
That is scary.
However, it still requires root access to install itself, and mitigation against that should be practically reflexive for anybody running a Linux machine open to the world. I wonder why these articles always fail to mention that. I guess it doesn’t make good sensationalism.
With more people adapting Linux you’re bound to have more non tech savvy people that will allow anything to happen on their system. Prompt for password appears and they just put it in without any regards for what will happen next.
A SSH PAM module and a dedicated ssh session that cleans up after itself.
That is scary.
However, it still requires root access to install itself, and mitigation against that should be practically reflexive for anybody running a Linux machine open to the world. I wonder why these articles always fail to mention that. I guess it doesn’t make good sensationalism.
With more people adapting Linux you’re bound to have more non tech savvy people that will allow anything to happen on their system. Prompt for password appears and they just put it in without any regards for what will happen next.