Re: Kernel security advice
On Fri, Feb 18, 2005 at 08:06:59PM -0500, Michael Stone wrote:
> On Sat, Feb 19, 2005 at 09:42:48AM +1100, firstname.lastname@example.org wrote:
> >yes - and I have been the victim of one of these (the 'suckit' rootkit).
> >But at least using non-modular kernels prevents one class of attacks...
> Sure. At a fairly high cost in administrative overhead you can prevent
> one fairly narrow category of attack (one which I've seen fail in the
> field a *lot* because the kiddies run into problems of compatability
> between kernel versions). I have yet to see a convincing argument that
> the dubious benefit justifies the cost.
why, in particular, do you consider it to be a 'fairly high cost in
> Mike Stone
> To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact