Re: vulnerability of Linux

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
Subject: Re: vulnerability of Linux
From: Steffen Kluge <kluge@xxxxxxxxxxxxxx>
Date: Tue, 29 Nov 2005 18:20:45 +1100
In-reply-to: <438BF183.3000909@xxxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:[email protected]?subject=help>
List-id: For users of Fedora Core releases <fedora-list.redhat.com>
List-post: <mailto:[email protected]>
List-subscribe: <https://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=subscribe>
List-unsubscribe: <https://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=unsubscribe>
References: <cef3a897c985472ea2b64bade11a2848@xxxxxxxxx> <1132932447.3331.118.camel@xxxxxxxxxxxxxxxxxxxxxx> <438B64F3.20106@xxxxxxxxxxxxx> <1133222490.9955.15.camel@xxxxxxxxxxxxxxxxxxxxxx> <438BA14B.2080000@xxxxxxxxxxxxx> <1133225066.24144.2.camel@xxxxxxxxxxxxxxxxxxxxxxxxx> <438BF183.3000909@xxxxxxxxxxxxxxxxxxxxxx>
Reply-to: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>

On Tue, 2005-11-29 at 14:13 +0800, John Summerfied wrote:
> If there's a kernel update fixing a security problem only exploitable 
> with local access, and I control the only account with local access, 
> then I don't need it.

Are you sure? If there's a bug in httpd that allows an attacker to run
code as user apache, then the kernel bug may become quite useful to get
root.

Why run with a known vulnerability, just because one isn't smart enough
to think of an attack vector? Defense in depth...

Cheers
Steffen.

Attachment: signature.asc
Description: This is a digitally signed message part

Follow-Ups:
- Re: vulnerability of Linux
  - From: John Summerfied
- Re: vulnerability of Linux
  - From: Christofer C. Bell

References:
- vulnerability of Linux
  - From: Joao Paulo Pires
- Re: vulnerability of Linux
  - From: Rodolfo Alcazar
- Re: vulnerability of Linux
  - From: Mike McCarty
- Re: vulnerability of Linux
  - From: Steffen Kluge
- Re: vulnerability of Linux
  - From: Mike McCarty
- Re: vulnerability of Linux
  - From: Les Mikesell
- Re: vulnerability of Linux
  - From: John Summerfied

Prev by Date: Re: vulnerability of Linux
Next by Date: Re: FC3 installation failure -- SATA problem?
Previous by thread: Re: vulnerability of Linux
Next by thread: Re: vulnerability of Linux
Index(es):
- Date
- Thread

[Index of Archives] [Current Fedora Users] [Fedora Desktop] [Fedora SELinux] [Yosemite News] [Yosemite Photos] [KDE Users] [Fedora Tools] [Fedora Docs]