On Sat, Sep 08, 2007 at 12:53:24 -0500, Les Mikesell <lesmikesell@xxxxxxxxx> wrote: > Mikkel L. Ellertson wrote: > >> > >You do know that you can set up yum to exclude kernel updates, don't > >you? If you don't want to play with kernel changes, don't update the > >kernel. What is so hard about that? > > Security updates? If you look at the security updates for the kernel they mostly aren't critical for single user systems. While the local root holes are a problem (in that an exploit for an app can be turned into a remote root exploit), SELinux will mitigate a lot of the cases of that. You can read the security updates summaries at LWN to get an idea (in more detail than you'd see in a spec file) of what problems are being fixed and judge for yourself whether or not what want to upgrade to get the fix.
