Distro comparison

Derek Martin invalid at pizzashack.org
Tue Oct 21 02:51:41 EDT 2003


On Mon, Oct 20, 2003 at 05:22:48PM -0400, Rich Braun wrote:
> Yup, that's a *1999*-vintage kernel running since summer '02.  It's not
> especially insecure, though, because it only runs Samba and a backup NTP
> server.  So long as that old kernel will keep running whatever security-patch
> level of these apps is required, I don't need to reboot.  

Uh, I seem to recall that all 2.2 kernels prior to the current release
had serious security holes that could result in escalated privileges.
For example, all releases prior to 2.2.19 contained some form or other
of ptrace()/exec() bug which allowed a root compromise to local users.
If you allow your users to log in to the server with a shell, I would
consider that a problem.

-- 
Derek D. Martin
http://www.pizzashack.org/
GPG Key ID: 0xDFBEAD02
-=-=-=-=-
This message is posted from an invalid address.
Replying to it will result in undeliverable mail.
Sorry for the inconvenience.  Thank the spammers.
