Re: Will 2.4.20 Source be patched for the latest kernel vulnerability?

To: Adam ENDRODI <borso@vekoll.saturnus.vein.hu>
Cc: debian-security <debian-security@lists.debian.org>
Subject: Re: Will 2.4.20 Source be patched for the latest kernel vulnerability?
From: Dale Amon <amon@vnl.com>
Date: Mon, 8 Dec 2003 00:22:17 +0000
Message-id: <[🔎] 20031208002216.GI11945@vnl.com>
In-reply-to: <[🔎] 20031207222745.GA15534@ildicow.saturnus.vein.hu>
References: <[🔎] 00ea01c3b975$5e31cca0$c3b00ac3@lanwan.fi> <[🔎] 20031203100018.GM9850@linuxmafia.com> <[🔎] 3FCDB737.30603@nicholas.net.nz> <[🔎] 20031203122743.GI6238@linuxmafia.com> <[🔎] 009501c3b9a0$710736f0$c3b00ac3@lanwan.fi> <[🔎] 20031203133129.GF25416@vnl.com> <[🔎] 20031203144651.GC822@ix.netcom.com> <[🔎] 20031203155729.GA15192@ildicow.saturnus.vein.hu> <[🔎] 20031204155403.GE23992@ix.netcom.com> <[🔎] 20031207222745.GA15534@ildicow.saturnus.vein.hu>

On Sun, Dec 07, 2003 at 11:27:45PM +0100, Adam ENDRODI wrote:
> Little details of a system are subject to change and my
> observation is that the more you customize the more likely
> you'll end up in trouble.  Clearly, in my case with my little
> changes I diverge from the Debian (and likely other) standards
> more than the automatic install scripts could tolerate.

I've found that cfengine2 is a reasonable way to handle
a lot of these problems. I to a debian upgrade and my
my cfengine2 scripts run off daemon or cron.d within
minutes and "fix" whatever debian packages have done
that I don't like.

I've also got another approach I'm working that relies
on specially burned locked down update images on CD.
That way the debian package upgrade never need occur
on the actual appliance.

-- 
------------------------------------------------------
   Dale Amon     amon@islandone.org    +44-7802-188325
       International linux systems consultancy
     Hardware & software system design, security
    and networking, systems programming and Admin
	      "Have Laptop, Will Travel"
------------------------------------------------------

Reply to:

References:
- Re: Will 2.4.20 Source be patched for the latest kernel vulnerability?
  - From: "Riku Valli" <riku.valli@piilinna.net>
- Re: Will 2.4.20 Source be patched for the latest kernel vulnerability?
  - From: Rick Moen <rick@linuxmafia.com>
- Re: Will 2.4.20 Source be patched for the latest kernel vulnerability?
  - From: Tim Nicholas <tim@nicholas.net.nz>
- Re: Will 2.4.20 Source be patched for the latest kernel vulnerability?
  - From: Rick Moen <rick@linuxmafia.com>
- Re: Will 2.4.20 Source be patched for the latest kernel vulnerability?
  - From: "Riku Valli" <riku.valli@piilinna.net>
- Re: Will 2.4.20 Source be patched for the latest kernel vulnerability?
  - From: Dale Amon <amon@vnl.com>
- Re: Will 2.4.20 Source be patched for the latest kernel vulnerability?
  - From: "Karsten M. Self" <kmself@ix.netcom.com>
- Re: Will 2.4.20 Source be patched for the latest kernel vulnerability?
  - From: Adam ENDRODI <borso@vekoll.saturnus.vein.hu>
- Re: Will 2.4.20 Source be patched for the latest kernel vulnerability?
  - From: "Karsten M. Self" <kmself@ix.netcom.com>
- Re: Will 2.4.20 Source be patched for the latest kernel vulnerability?
  - From: Adam ENDRODI <borso@vekoll.saturnus.vein.hu>

Prev by Date: Is there a FAM(file alteration monitor) exploit in the wild?
Next by Date: RE: secure file permissions
Previous by thread: Re: Will 2.4.20 Source be patched for the latest kernel vulnerability?
Next by thread: Re: Will 2.4.20 Source be patched for the latest kernel vulnerability?
Index(es):
- Date
- Thread