[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian Stable server hacked


Matt Zimmerman wrote:

If you don't also subscribe to debian-security-announce, then you are
missing important things like kernel updates.  There are several local root
exploits in the stock woody kernel which have been fixed by security updates
that would not be installed automatically.  You cannot rely on apt alone to
secure your system.

Thanks. I forgot to mantion that i am subscribed to debian-security-announce as well (ofcourse ;)). As far as the kernel updates are concerned: i use my own kernel. At this moment that's 2.4.21 with Alan Cox' patches (ac4). Could be there's an exploit in that kernelversion. Maybe i should consider to go back to a debian-packagekernel...

Anyone any comment on or experience with debian vs custom kernels?

-- Thijs

Reply to: