Much ado about nothing
|
Author | Content |
---|---|
caitlyn Aug 26, 2009 2:31 PM EDT |
Some writers are looking for an opportunity to blast Red Hat (this article isn't unique) over the "late" kernel patch. In reality it's much ado about nothing. The author, with his "in fairness" line at the end, admits this is a local-only exploit. A remote user can't do any harm. He also admits there was a work-around on day one. That makes this a patch of a low risk vulnerability that was low priority since anyone concerned could avoid it with the existing kernel. In these circumstances taking time to make sure the new kernel won't break anything makes sense. |
mrider Aug 26, 2009 3:26 PM EDT |
If you scroll down in this /. thread (http://linux.slashdot.org/story/09/08/13/2022212/Local-Privi...), you'll find a thread titled "Some distros less vulnerable by default". I ran his test on my Debian server and the result was 0, but according to him (her?), Ubuntu, CentOS, and RHEL all reported 65536. Which seems to suggest that RHEL may not have been as vulnerable as the author seems to think. I could not personally confirm this behaviour though... |
Posting in this forum is limited to members of the group: [ForumMods, SITEADMINS, MEMBERS.]
Becoming a member of LXer is easy and free. Join Us!