Re: Debian Server restored after Compromise
On Thu, 13 Jul 2006 23:23:22 +0200 (CEST)
"Gudjon I. Gudjonsson" <email@example.com> wrote:
> How worried should I be? Do you think it is OK to wait for an
> official Debian packaged kernel or should I download some tonight from
> kernel.org and compile myself?
Be worried if you allow untrusted users shell access to your systems.

I'm no security expert, but I'm willing to bet that there are tens (if
not hundreds) of 0-day local exploits in the Linux 2.6 source code.
'Security' within a source tree that incorporates ~10MB of patches per
month is an illusion (in my humble opinion).

Don't get me wrong, I run a server with a 2.6 kernel, but be aware that
if a malicious user ever gains access to an unprivileged account, they
would have no trouble in compromising the system.