On Mon, 1 Mar 2010, Jeremy Katz wrote:
On Mon, Mar 1, 2010 at 12:29 PM, Ewan Mac Mahon
<ewan(a)macmahon.me.uk> wrote:
> On Mon, Mar 01, 2010 at 10:38:25AM -0500, David Huff wrote:
>> I never said mine was perfect, however a good starting point for this
>> type of discussion, which I have been wanting to have for a long time.
>>
>> When we started the AOS (like 2 years ago) the base requirements were
>> basically: DHCP, sshd, yum, and selinux (which was disabled in EC2 due
>> to issues w/ their infrastructure).
>>
> Do we know what these issues were, and whether they still exist? Do the
> F12 updates kernels currently being tested allow a guest to run on EC2
> with selinux enabled?
The Amazon provided kernels have SELinux disabled. When we're running
newer kernels, it shouldn't be an issue/concern
How does Amazon keep their images up to date? On a 0 day kernel exploit,
the first place I'd turn is the amazon ip space.
-Mike