[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian Investigation Report after Server Compromises

On Wed, 03 Dec 2003 09:57:55 +0000, Oliver Elphick wrote:

> 
> Suppose I go off for two weeks holiday?  I'm the only one who can change
> my system's kernel, but I leave it on because it is the gateway for
> everyone else.  The day after I leave, some idiot publishes details of
> this exploit and for 13 days my system is vulnerable, before I even hear
> about the problem, let alone have the chance to fix it.
> 
> There is not yet a Debian package of kernel 2.4.23, so anyone who can't
> downgrade to 2.4.18 must fetch his own kernel source and build it; which
> may be beyond the abilities of many of those who are vulnerable.

Excellent example :)

-- 
....................paul


"I think that gay marriage is something that should be between a man and
a woman."

-- Arnold Schwarzenegger, Governor of California
Reply to: