vulnerability of Linux
Steffen Kluge
kluge at fujitsu.com.au
Tue Nov 29 07:20:45 UTC 2005
On Tue, 2005-11-29 at 14:13 +0800, John Summerfied wrote:
> If there's a kernel update fixing a security problem only exploitable
> with local access, and I control the only account with local access,
> then I don't need it.
Are you sure? If there's a bug in httpd that allows an attacker to run
code as user apache, then the kernel bug may become quite useful to get
root.
Why run with a known vulnerability, just because one isn't smart enough
to think of an attack vector? Defense in depth...
Cheers
Steffen.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.fedoraproject.org/pipermail/users/attachments/20051129/55d18282/attachment-0002.bin
More information about the users
mailing list