[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Upgrading Kernels...

As a member of the "mass of slightly advanced skills" trying to use Debian for their typical day-to-day server needs, I am put rather off-balance by the issues presented by the recent kernel compromise.

I have an installation that has run quite well, and have been running regular upgrades on the system. However, it did not dawn on me until now that I should have installed a custom kernel after installation, let alone compiled my own.

However, it is rather unfortunate that at a time where probably a record number of individuals are wondering about kernel issues, the Kernel HOWTO has been removed from the site without any further clarifications.

I think that to alleviate the fears of this group of users, a step-by-step guide should be made available on www.debian.org and/or security.debian.org describing the steps to be taken to:
- Determine if user systems are afflicted by the kernel exploit
- Rectify the issue, possibly by updating the kernel

Such a guide should list a recommended kernel version for a stable Debian installation, and should preferably not advice users to "roll their own kernels", since many users have no desire to start such explorations as a response to this issue.

I believe that this issue has caused serious doubts for many users about the possibility of running a typical secure linux server with medium sysadmin skills. As I gather, running "apt-get upgrade" is not sufficient to patch a vulnerable system for this exploit, meaning that the method recommended for "Keeping your Debian system secure" on security.debian.org is insufficient.

MSN 8 helps eliminate e-mail viruses. Get 2 months FREE*. http://join.msn.com/?page=features/virus

Reply to: