Today, Alert Logic revealed a new vulnerability dubbed "Grinch" on their blog, claiming it impacts all Linux platforms. To be succinct, the problem lies with the handling of user and group permissions and the Polkit authorization rules surrounding them. The blog post even shows an example of packages being installed through package manager PKCon.
While there's no patch or fix as of yet, Alert Logic goes on to rightly suggest that knowledge of your own environment is key to being secure. At ScriptRock, we couldn't agree more. Accurately knowing the state of your machines is crucial to every successful IT endeavor. And specifically, when there are untamed vulnerabilities in the wild, knowing whether software packages are being installed (or any other configuration changes are taking place) on your machines is pivotal.
ScriptRock works on practically any machine or device that you can log into, and in seconds grabs the entire config state and displays it visually. You can then use that data to compare machines to each other, or compare the current scan with a machine's prior scans to see what's changed over time. It's agentless, secure, and in use at high-profile companies all over the world.
With the Grinch running free, we encourage you to give ScriptRock a shot, on us. Sign up and use coupon code DATABEANS to begin monitoring your entire IT state for two months free, and for up to 50 nodes.