[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Efficient way to keep track of security updates

It would be interesting if someone does the experiment of testing in an upathced Debian system with grsecurity kernel running. To my understanding PAX and Grsecurity might mitigate this problem, and of course future problems like this.

2015-01-30 0:30 GMT-06:00 Paul Wise <pabs@debian.org>:
On Fri, 2015-01-30 at 00:22 -0600, Marco Galicia wrote:

> Does using something like the Grsecurity kernel helps prevent these
> type of vulnerabilities?

grsec can mitigate weaknesses in other software but it does not prevent
those vulnerabilities from existing, it can just change the effects of
being attacked through those vulnerabilities.

> In Ghost case, a Grsecurity kernel would help?

I haven't seen any analysis of that but as it is supposed to help with
memory corruption-based exploits it should help here.

> doesn't apticron does the same job as your script?


PS: No need to CC folks who are clearly subscribed to the list.

Por favor, evite enviarme documentos adjuntos en formato Word Excel o PowerPoint.
Como alternativa puede enviarme documentos en formato odt, odx u ods, además de documentos en formato pdf
Si realmente es necesario enviarme un documento en formato Word, por favor utilize el formato .doc en lugar de .docx

Vea http://www.gnu.org/philosophy/no-word-attachments.html

Reply to: