kill prelink
seth vidal
skvidal at fedoraproject.org
Mon Feb 6 19:06:46 UTC 2012
On Mon, 6 Feb 2012 20:00:02 +0100
Jan-Frode Myklebust <janfrode at tanso.net> wrote:
> On Mon, Feb 06, 2012 at 11:59:53AM -0500, Bill Nottingham wrote:
> > Stephen John Smoogen (smooge at gmail.com) said:
> > > > > Discussion from irc today pointed out the..... difficulty
> > > > > with our security with prelink running on our systems.
> >
> > Is this a general issue that should be pushed up the stack?
> >
>
> http://magazine.redhat.com/2007/10/16/uli-drepper-part-5-preventing-exploits/
>
> ".. prelinking should really, not ever, be used for
> frontline machines" -- Uli Drepper.
>
>
Well it is now undone.
This morning I went through and un-prelinked all of our systems,
marked prelink to be removed in our ks.cfg %packages,
disabled prelinking on the systems,
and, once kevin pushes the new rkhunter out - I will purge prelink
from our systems.
So - hopefully we are just that little bit more better off.
-sv
More information about the infrastructure
mailing list