vulnerability of Linux

Matthew Miller mattdm at mattdm.org
Thu Dec 1 02:28:17 UTC 2005


On Wed, Nov 30, 2005 at 11:59:14PM +0800, John Summerfied wrote:
> >Yeah, that sucked. But, well... so what? You could just boot into the old
> >kernel until the fixed one came out a few days later.
> Most of the machines I tend are a car drive away.

Okay, so that's a special case where extra caution is warranted. It's not an
argument that applies to the general case.

As an aside, for the specific case, investing in a serial console device
might be a good idea, because even with the best caution, things can get
screwed up.


> Fortunately, that bit my laptop.
> Oh, and the first fixed one wasn't, I'm not sure about the second and 
> about then I lost interest in new kernels for a few months.

Luckily the root exploit holes in those kernels weren't being widely
exploited in the wild, or you might have been making that car ride. :)

-- 
Matthew Miller           mattdm at mattdm.org          <http://mattdm.org/>
Boston University Linux      ------>              <http://linux.bu.edu/>




More information about the fedora-list mailing list