Re: vulnerability of Linux

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 2005-11-29 at 14:13 +0800, John Summerfied wrote:
> If there's a kernel update fixing a security problem only exploitable 
> with local access, and I control the only account with local access, 
> then I don't need it.

Are you sure? If there's a bug in httpd that allows an attacker to run
code as user apache, then the kernel bug may become quite useful to get
root.

Why run with a known vulnerability, just because one isn't smart enough
to think of an attack vector? Defense in depth...

Cheers
Steffen.

Attachment: signature.asc
Description: This is a digitally signed message part


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux