
Re: DSA 438 - bad server time, bad kernel version or information delayed?



Greetings,

On Thursday, 19 February 2004 09:39, Jean Christophe ANDRÉ wrote:
> On Thursday, 19 February 2004 at 09:24 (+0100), Jan Lühr wrote:
> > What about establishing some kind of warning service? E.g. sshd has a
> > well known serious leak, you should shut it down for the next few days.
>
>   Warning: the Linux kernel has a well known serious leak,
>   you should shut all your servers down for the next few weeks.
>
> Sorry, I couldn't resist! ;-)))

;)
I understand - but I rather thought of: mremap bug, watch out for these kinds
of processes (which have to run for quite a long time),

> This is not an easy decision: the alert may alert bad guys too...
>  "Oh! There is some kind of vulnerability nobody knows and has
>   corrected in SSH! Let's look for it and use it quick before
>   anybody has been able to patch it!"

Well yeah, but IMHO - correct me if I'm wrong, these kinds of bad guys, hanging
all night long in IRC have sources, apart from the official announcements.
All I'm asking for is getting to know the things they know - not critical
data used to create exploits, just general information, what is currently
threatening the security of my system and how I can detect it.

> But this was not the main point of my first mail: I only ask for
> putting some information about the delay in the announcement.
> It will just be useful (and alertless) for these people (like me)
> checking for the kernel compile time against the announcement date.

I agree.

Keep smiling
yanosz


