[ILUG] kernel security hole
P at draigBrady.com
Wed Feb 13 17:37:38 GMT 2008
oscar cassetti wrote:
> I think that if you are running a 2.4 kernel series you are ok. I
> believe you should run this kernel if your server is mission critical.
> You can always update to 220.127.116.11 or downgrade to kernels prior to 2.6.17.
> Then there are some general security tricks that prevent those kind of problem.
> Eg. if a compiler is not installed then it is more difficult to
> compile those stuff. You should also run webserver in chroot
Isn't it trivial to break out of chroots?
> PAM and stuff like aide and syslog ng can help.
> some references
Aren't there loads of local root exploits already?
Why so much news about this one?
More information about the ILUG