Since this is a home user, I'll ponder your advice with a grain of salt. If the user upgrades and everything works perfectly, then fine, it's a worthy task. But with all the kernel upgrades causing problems in this and other mailing lists, disruption of service (availability) is a fundamental principle of security. In effect, you've just caused something your trying to prevent. Each scenario is different, if this particular user has no open services available on this box, the possibility of someone compromising the system are insignificant. Properly configured security layers prevent this from happening in the first place. In the enterprise environment, updates/changes break things very easily and unless you don't care about service delivery, this would not be a good idea.. -----Original Message----- From: fedora-list-bounces@xxxxxxxxxx [mailto:fedora-list-bounces@xxxxxxxxxx] On Behalf Of Alexander Dalloz Sent: Thursday, January 13, 2005 2:19 PM To: For users of Fedora Core releases Subject: Re: should i bother?? Am Do, den 13.01.2005 schrieb O'Neill, Donald (US - Deerfield) um 15:55: > As for the local root exploit, unless you have untrusted users with > shell accounts on your machine, the 'local exploit' is a not a issue. No, no and no. Possible local root exploits are always, under each circumstance a risk. There is no excuse not updating by installing a bugfix kernel. Alexander -- Alexander Dalloz | Enger, Germany | new address - new key: 0xB366A773 legal statement: http://www.uni-x.org/legal.html Fedora GNU/Linux Core 2 (Tettnang) on Athlon kernel 2.6.10-1.8_FC2smp Serendipity 21:18:29 up 2 days, 19:29, load average: 0.38, 0.47, 0.47 This message (including any attachments) contains confidential information intended for a specific individual and purpose, and is protected by law. If you are not the intended recipient, you should delete this message. Any disclosure, copying, or distribution of this message, or the taking of any action based on it, is strictly prohibited.
