Fwd: Re: thoughts on kernel security issues
Kevin P. Fleming
kpfleming at linuxfromscratch.org
Sun Feb 6 15:14:16 PST 2005
Ken Moffat wrote:
> I'm happily using 2.6.10-ac10 on *desktops* here, but my use is best
> described as beta-testing, so I doubt it has any relevance to servers.
> On balance, I _think_ -as might be a better way to go, except that it
> doesn't seem to be on kernel.org or its mirrors.
I think this is all a bit of overreaction, but it depends on how you
intend to use your systems.
I have not yet seen _any_ remote exploits for 2.6 that were not fixed
immediately. There have been some local exploits (and there are tons of
local DoS issues, but those exist in 2.4 as well), but the vast majority
of these have been fixed as well.
If you are operating your systems as primarily a single user machine
(either as your desktop system or as a server without remote users
logging in to shell sessions), then I don't think any of this is
relevant. I have been using exclusively 2.6 kernels since before they
were 2.6 (sometime around 2.5.80 I think) and have been very happy and
have had no problems I can remember since 2.6.0 (other than one caused
by the XFS team).
More information about the lfs-chat