[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] do_brk - kernel update?

To: Roman Drahtmueller <draht@xxxxxxx>
Subject: Re: [suse-security] do_brk - kernel update?
From: Markus Gaugusch <markus@xxxxxxxxxxx>
Date: Thu, 4 Dec 2003 12:31:38 +0100 (CET)
Cc: SuSE-Security <suse-security@xxxxxxxx>
Delivered-to: mailing list suse-security@xxxxxxxx
Delivery-date: Thu, 04 Dec 2003 12:32:17 +0100
Envelope-to: suse@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
In-reply-to: <Pine.LNX.4.58.0312041139030.13168@xxxxxxxxxxxx>
List-help: <mailto:suse-security-help@suse.com>
List-post: <mailto:suse-security@suse.com>
List-subscribe: <mailto:suse-security-subscribe@suse.com>
List-unsubscribe: <mailto:suse-security-unsubscribe-suse=archive.cert.uni-stuttgart.de@suse.com>
Mailing-list: contact suse-security-help@xxxxxxxx; run by ezmlm
References: <Pine.LNX.4.58.0312041117480.1791@xxxxxxxxxxxxxxxxxx> <Pine.LNX.4.58.0312041139030.13168@xxxxxxxxxxxx>

On Dec 4, Roman Drahtmueller <draht@xxxxxxx> wrote:
> The strategy is clear: Get that stuff out as soon as possible, and make 
> sure under all circumstances that the customer's machines will boot 
> after the update.
Right. But are the 3 other major distributors not having such a good QA?
In my opinion, you are putting more fixes into the kernel than necessary 
for this particular bug. And this is costing time.
(Of course my postings are also costing your time, but I'm trying to be 
constructive!)
We surely don't want to update our kernels every other week, but 
everyone of us has critical systems that need to be protected. 
If I can't rely on the distribution kernel and have to do it myself, it is 
wasted time for you to put so much effort in it! 
I've also heard, that the ulimit workaround "fixes" only one of three 
cases of possible break-in, so it is not a solution.

> It's just that you can't make sure that the QA for such an update happens 
> momentarily, even though all resources are working on it.
I assume that your ressources are overloaded, and people can't assume the 
fastest service for buying a 90 EUR box product. But even the 
debian people made it, although they had this horrible break-in.

> > PS: I've seen that the update kernel on 9.0 contains stack overflow 
> > protection - I've been waiting for that for Years! But at least it is 
> > there now :-))
> If you guys are running rsync servers, you should disable these until our 
> update packages are out.
It is available over YOU - is there something wrong with that one?

kind regards,
Markus

-- 
__________________    /"\ 
Markus Gaugusch       \ /    ASCII Ribbon Campaign
markus@xxxxxxxxxxx     X     Against HTML Mail
                      / \

-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here

Follow-Ups:
- Re: [suse-security] do_brk - kernel update?
  - From: Roman Drahtmueller

References:
- [suse-security] do_brk - kernel update?
  - From: Markus Gaugusch
- Re: [suse-security] do_brk - kernel update?
  - From: Roman Drahtmueller

Prev by Date: Re: [suse-security] Secure Backup
Next by Date: Re: [suse-security] do_brk - kernel update?
Previous by thread: Re: [suse-security] do_brk - kernel update?
Next by thread: Re: [suse-security] do_brk - kernel update?
Index(es):
- Date
- Thread