[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian Stable server hacked

On Thu, Aug 07, 2003 at 07:03:13PM +0200, Thijs Welman wrote:

> Matt Zimmerman wrote:
> 
> >If you don't also subscribe to debian-security-announce, then you are
> >missing important things like kernel updates.  There are several local root
> >exploits in the stock woody kernel which have been fixed by security 
> >updates
> >that would not be installed automatically.  You cannot rely on apt alone to
> >secure your system.
> 
> Thanks. I forgot to mantion that i am subscribed to 
> debian-security-announce as well (ofcourse ;)). As far as the kernel 
> updates are concerned: i use my own kernel. At this moment that's 2.4.21 
> with Alan Cox' patches (ac4). Could be there's an exploit in that 
> kernelversion. Maybe i should consider to go back to a 
> debian-packagekernel...
> 
> Anyone any comment on or experience with debian vs custom kernels?

If you build your own kernels, you are on your own as far as security.  You
need to keep track of all of the vulnerabilities and whether they affect
what you're running, and what version you need to update to in order to get
the fixes.

-- 
 - mdz
Reply to: