On Friday 28 January 2005 at 23:51, Michelle Konzack wrote:
Am 2005-01-28 21:25:55, schrieb Harald Krammer:
hi !
I have running some debian/woody machines with kernel 2.4.18.
I saw the last security fix was DSA-479-1 ( long ago) - is it better to
switch to 2.4.29 or exits new kernels with all security pachtes ?
AFAIK 2.4.27 from <http://www.backports.org/> has it fixed.
Ist there realy a Debian kernel-source-2.4.2{8,9} ?
nice greetings,
harald
In my point of view, if you really want to have a secured kernel, you
should install the latest available kernel from sources (today 2.4.29)
and apply grsecurity patches.
Subscribe to the kernel mailling list and whenever there is a new kernel
simply follow the above instructions again.
There are a number of security flaws around the kernel that people know
as beeing unpatched as of today (See grsecurity list archives). Moreover
using a packaged kernel usually enables features that can be exploited
to gain higher privileges (i.e. kernel module loader enabled) and
disabling these features might be the first step in securing the kernel.
The kernel being the most important component in the system, it is the
one that should be secured the most and the fastest as possible.
Therefore a manual installation and patching seems to me as being the
solution here.
Xavier.