Ksplice: Rebootless Linux kernel security updates

["Tom Metro-12" <user=71@nabble.blu.org>]

 Anyone tried this? 
  -Tom 

Ksplice: Rebootless Linux kernel security updates 
http://web.mit.edu/ksplice/

   Ksplice allows system administrators to apply security patches to 
   the Linux kernel without having to reboot. Ksplice takes as input a 
   source code change in unified diff format and the kernel source code 
   to be patched, and it applies the patch to the corresponding running 
   kernel. The running kernel does not need to have been prepared in 
   advance in any way. 
... 
   Ksplice cannot handle semantic changes to data structuresâ??that is, 
   changes that would require existing instances of kernel data 
   structures to be transformed. For example, a patch that adds a field 
   to a global data structure would require the existing data 
   structures to change. We examined 32 months of Linux kernel patches 
   and found that most (42 out of 50) kernel security patches do not 
   require such semantic changes. 
... 
   In addition to patching security vulnerabilities, Ksplice can also 
   be used to add debugging code to the kernel or to make any other 
   code changes that do not modify data structure semantics. For 
   example, you can use Ksplice to modify the behavior of printk. 


-- 
Tom Metro 
Venture Logic, Newton, MA, USA 
"Enterprise solutions through open source." 
Professional Profile: http://tmetro.venturelogic.com/

-- 
This message has been scanned for viruses and 
dangerous content by MailScanner, and is 
believed to be clean. 

_______________________________________________ 
Discuss mailing list 
[hidden email] 
http://lists.blu.org/mailman/listinfo/discuss