"Kurt Seifried" <listuser@seifried.org> wrote:
As H D Moore wrote: It's your own fault if you get rooted. If you are not able to compile a kernel by yourself with the patches you need, go and read the Kernel-HOWTO, the files in /usr/src/linux/Documentation and some man pages instead of moaning in public.
Yeah, I agree completely. I mean if you can't fix kernel source code or ntpd source code or cron source code or samba source code on your own and recompile it you deserve to be rooted. If you fail to hire armed guards and protect your house adequately it's TOTALLY your fault if someone breaks into your house and steals stuff.
What you are saying is that EVERYONE with a box online needs to be capable of compiling *ALL* their software/etc, otherwise they deserve to get rooted by malicious attackers. Mmmm... uhhh. errr.... I'm not sure what to say that is appropriate for a public forum such as this.
No. I said that he should be able to patch and compile his _kernel_ (ok, *everyone* with a box online should be able to do that). If there is a remote root exploit for a service you have running (such as ntpd, *ftp,...), it would be better if you to turn that service off and wait until your distributor offers a new, patched version - even if a more sophisticated system administrator would get the tarball and compile or patch the software he needs byhimself. If you know about a root exploit and neither turn such a service off and wait for the distributor's update nor patch and compile the software by yourself _then_ you really do not have to moan if you get rooted. Martin -- martin.peikert@innominate.com innominate AG project manager the linux architects dipl. math. http://www.innominate.com tel: +49-30-308806-0 fax: -77 gpg: http://innominate.org/gpg/mpe.gpg