 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
On Mon, Oct 20, 2003 at 05:22:48PM -0400, Rich Braun wrote: > Yup, that's a *1999*-vintage kernel running since summer '02. It's not > especially insecure, though, because it only runs Samba and a backup NTP > server. So long as that old kernel will keep running whatever security-patch > level of these apps is required, I don't need to reboot. Uh, I seem to recall that all 2.2 kernels prior to the current release had serious security holes that could result in escalated priviledges. For example, all releases prior to 2.2.19 contained some form or other of ptrace()/exec() bug which allowed a root compromise to local users. If you allow your users to log in to the server with a shell, I would consider that a problem. -- Derek D. Martin http://www.pizzashack.org/ GPG Key ID: 0xDFBEAD02 -=-=-=-=- This message is posted from an invalid address. Replying to it will result in undeliverable mail. Sorry for the inconvenience. Thank the spammers. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: <http://lists.blu.org/pipermail/discuss/attachments/20031021/1df80b51/attachment.sig>
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
