Re: Kernel 2.4.20 and patches to be save?

To: debian-security@lists.debian.org
Subject: Re: Kernel 2.4.20 and patches to be save?
From: Markus Kolb <debian@tower-net.de>
Date: Mon, 19 May 2003 15:11:01 +0200
Message-id: <200305191511.03615.debian@tower-net.de>
In-reply-to: <3514.10.200.3.28.1053291755.squirrel@muffin.tsnz.net>
References: <200305181359.46894.debian@tower-net.de> <200305181839.40826.lgomez@infoemergencias.com> <3514.10.200.3.28.1053291755.squirrel@muffin.tsnz.net>

On Sunday 18 May 2003 23:02, TiM wrote:
> > How about monolithic kernels? Sure, they won't eliminate all your
> > problems,
> > but the fact of a self-made kernel being monolithic adds another
> > layer of security to your context.
> >
> > If your machines are servers in a production environment, then you
> > should consider this option. If they aren't, do what I did: try
> > 2.4.21-rc2
> >
> > Regards
> >
> > 	Pope
>
> The kernel I use for production servers is 2.4.20 with the
> grsecurity.net patch.  http://www.grsecurity.net version 1.9.9h has
> the ptrace patch already in it, so it's the only patch you need for
> your kernel.
[...]

Ah, nice to know that grsecurity has a ptrace patch.
Thanks for all your answers.
They go round the problem to get an official flawless vanilla kernel, 
but it seems there are no other possibilities at the moment.

Greets
Markus

Reply to:

References:
- Kernel 2.4.20 and patches to be save?
  - From: Markus Kolb <debian@tower-net.de>
- Re: Kernel 2.4.20 and patches to be save?
  - From: Luis Gomez <lgomez@infoemergencias.com>
- Re: Kernel 2.4.20 and patches to be save?
  - From: "TiM" <tim@muppetz.com>

Prev by Date: kernel+grsecurity
Next by Date: Re: kernel+grsecurity
Previous by thread: Re: Kernel 2.4.20 and patches to be save?
Next by thread: Re: Kernel 2.4.20 and patches to be save?
Index(es):
- Date
- Thread