Re: How to keep apt from updatine the kernel
This is getting annoying. The precompiled kernel-imges simply have
everything as a module that can possibly be built as a module, and a good
selection of that which can't built in. You certainly didn't build your
own kernel when you installed Debian (you don't have the tools yet), you
got the kernel image. As far as how to stop the precompiled ones writing
over your homebuilt: this is a FAQ--either set the package version
obscenely high so that nothing supercedes it or put it on hold. Putting
it on hold is most easily done in dselect, but there's a way to do it
with dpkg --set-selections: it's in the archives and I'm not going to
repeat it. Chris: if you can't understand the whys and wherefores of
default kernel images, are you really in a position where you can offer
help? BTW Chris, when's the last time you CHECKED the signed source? Who
signed it? Is the signing key current? What was the type of key (gpg,
pgp, RSA, DES)? Unless you have the answers to those questions off the
top of your head, the added security is practically nil.
On Fri, 9 Feb 2001, Chris Matta wrote:
>>Now that's a weird statement. Why would recompiling your own kernel
>>be any less of a security risk than running precompiled kernel?
>>Do you read every line in the every new kernel before compiling?
>
>I was merely saying that I know what my kernel has in it and what it doesnt,
>i certainly dont trust a precompiled kernel, even if it is from debian. Im
>aware that the source may be compromised, but thats what a signed kernel
>source is for.
>
>-c
>----- Original Message -----
>From: "John L . Fjellstad" <john-list@fjellstad.org>
>To: <debian-user@lists.debian.org>
>Cc: "ray p" <ray@sisna.com>; <debian-user@lists.debian.org>
>Sent: Friday, February 09, 2001 12:10 AM
>Subject: Re: How to keep apt from updatine the kernel
>
>
>
>
>
--
There is no problem so great that it cannot be solved with suitable
application of High Explosives.
Who is John Galt? galt@inconnu.isu.edu, that's who!
Reply to: