[ILUG] kernel security hole
Pádraig Brady
P at draigBrady.com
Wed Feb 13 17:37:38 GMT 2008
oscar cassetti wrote:
> Hi,
>
> I think that if you are running a 2.4 kernel series you are ok. I
> believe you should run this kernel if your server is mission critical.
> You can always update to 2.6.24.2 or downgrade to kernels prior to 2.6.17.
> Then there are some general security tricks that prevent those kind of problem.
> Eg. if a compiler is not installed then it is more difficult to
> compile those stuff. You should also run webserver in chroot
> environments.
Isn't it trivial to break out of chroots?
> PAM and stuff like aide and syslog ng can help.
> some references
> http://kerneltrap.org/node/15471
> http://kerneltrap.org/Linux/Patching_CVE-2008-0600_Local_Root_Exploit
Aren't there loads of local root exploits already?
Why so much news about this one?
Pádraig.
More information about the ILUG
mailing list