[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Kernel security advice

On Fri, Feb 18, 2005 at 08:06:59PM -0500, Michael Stone wrote:
> On Sat, Feb 19, 2005 at 09:42:48AM +1100, campbellm@cia.com.au wrote:
> >yes - and I have been the victim of one of these (the 'suckit' rootkit).
> >But at least using non-modular kernels prevents one class of attacks...
> 
> Sure. At a fairly high cost in administrative overhead you can prevent
> one fairly narrow category of attack (one which I've seen fail in the
> field a *lot* because the kiddies run into problems of compatability
> between kernel versions). I have yet to see a convincing argument that
> the dubious benefit justifies the cost.

why, in particular, do you consider it to be a 'fairly high cost in
administrative overhead'? 

Campbell


> Mike Stone
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact 
> listmaster@lists.debian.org
>
Reply to: