Fwd: Re: thoughts on kernel security issues

Kevin P. Fleming kpfleming at linuxfromscratch.org
Sun Feb 6 15:14:16 PST 2005


Ken Moffat wrote:

>  I'm happily using 2.6.10-ac10 on *desktops* here, but my use is best
> described as beta-testing, so I doubt it has any relevance to servers.
> On balance, I _think_ -as might be a better way to go, except that it
> doesn't seem to be on kernel.org or its mirrors.

I think this is all a bit of overreaction, but it depends on how you 
intend to use your systems.

I have not yet seen _any_ remote exploits for 2.6 that were not fixed 
immediately. There have been some local exploits (and there are tons of 
local DoS issues, but those exist in 2.4 as well), but the vast majority 
of these have been fixed as well.

If you are operating your systems as primarily a single user machine 
(either as your desktop system or as a server without remote users 
logging in to shell sessions), then I don't think any of this is 
relevant. I have been using exclusively 2.6 kernels since before they 
were 2.6 (sometime around 2.5.80 I think) and have been very happy and 
have had no problems I can remember since 2.6.0 (other than one caused 
by the XFS team).



More information about the lfs-chat mailing list