
Re: Today's kernel vulnerability announcement



On Mon, Mar 17, 2003 at 09:51:27PM -0500, Tom Diehl wrote:
> On Mon, 17 Mar 2003, Keith Mastin wrote:
> 
> > Just a heads up to everyone about the kernel vulnerability announcement
> > sent out by redhat.
> > 
> > I took a look into the matter before upgrading, as IMHO upgrading the
> > kernel is serious and shouldn't be done unless necessary. I've had
> > experience with installing "upgraded" kernels that have presented far more
> > problems than they've solved.
> 
> FUD!! How hard is it to do "rpm -ivh new_kernel_rpm.rpm", reboot and test to
> your heart's content? It either works or it does not. If it does not work 
> properly, reboot again and select your old kernel. How much easier do you 
> want it?? I will admit this gets slightly more complicated if you have a 
> bunch of custom modules installed but only slightly. You can still recompile
> the modules, test and fall back to the old kernel if there are problems.

Obviously spoken by somebody who hasn't managed serious production
systems before.  I've got a production server with 500+ users, hammered
24x7, and you want me to just go ahead and reboot and then spend time
testing?  How many of us are really competent to do a proper kernel
test?  If you are, then you're probably not on this list...  I've got
other systems that are easier to do, but the only local users they have
are root anyway.  If the kernel isn't remotely exploitable, why waste a
reboot to fix a hole that I don't care about?  Any change presents a
possibility of something breaking, whether it's a minor change or not.

> > The bottom line is that the vulnerability allows local users to gain root
> > access to the system. There is no possibility of using the vulnerability
> > to gain remote root access to the system. Single user systems and systems
> > where the users are not allowed shell access are not vulnerable.

This tells us far more than your "FUD" statement.

-- 
Ed Wilts, Mounds View, MN, USA
mailto:ewilts ewilts org
Member #1, Red Hat Community Ambassador Program




