Steffen Dettmer
* Martin Peikert wrote on Wed, May 09, 2001 at 10:57 +0000:
For the people that use linux at home, I agree completely. But for a system administrator in, for example, an university, where many people have an account on the system, I do not and do not even want to.
oki, in university it's may not be a problem to waste a lot of time and money for building kernel modules. In industry this is handled differently usually. If a hour costs i.e. $100, and a kernel security update tooks 2 hours per machine, you will have enourmous costs... so it becomes neccesary to be efficient, and recompiling kernels all the time cannot be efficient. Second,
2 hours _per_machine_? In most cases a lot of computers do not need different kernels - they all have the same hardware (maybe different hard disks or ethernet cards, but in most cases that would not require a different kernel - just different modules have to be loaded) and on some it won't even be necessary to fix a _local_ exploit. So the cost for a new kernel are not that enourmous. Anyway, in the industry you have to decide what is more expensive: a fixed kernel or a compromised system/network.
RPM building may require very special knowledge. SuSE is able to
Not really. It's not that difficult to build a rpm or a debian package. On the other hand, you do not need a rpm package to install a kernel...
pay one or two "kernel gurus" - ordinary small companies are not. But I see no reason to continue this thread, since it becomes more and more offtopic. It's everybodies own decision to use SuSEs upgrades or not.
I never said that everyone _has_to_build_ her own kernel. One may use the distributors updates or not, but if some people are not willing or able to do that part by themself then they should not moan in public (and ask if SuSE is in a crisis - that's ridiculous). I told them to read the Kernel-HOWTO and some other dokumentation.
My belief is that those still need to be able to fix major security flaws by patching and compiling the faulty software if there is a root exploit out in the wild.
Have you ever estimated the costs? Assume 2 hours for download, patch and compile, add 1 hour for testing on each system hardware configuration (controllers combinations and others), add time needed to document the changes and you'll get a lot of time, really.
If you really need an different kernel on every machine, ok. But it would be more efficient to build a kernel that runs on different machines - it's a little bit more work in the beginning, but the maintenance is much more easier afterwards and cost saving... And have you ever estimated the costs of a compromised network?
So what the hell is it we are going to? Incompetence as normality?
I think you missed the point. Nobody is able to be very competent in kernel and *.RPM security, even with reading mailinglists all the time. Evaluating patches and doing security audits is anythink but trivial. Don't forget that.
So if *nobody* is able to be competent, why do you think that the people at SuSE are? And I really know that evaluation of patches and security audits are not trivial. I do not think that I've missed the point.
I still think that anyone that wants to administrate (not the home users, because users do not neccessarily need to have that knowlwdge that administrators of a more complex system - that many people are using - should have) a system has to have some competence about what she is doing.
It's hardly possible to know at least the kernel well, since it sources are some MB of data. Did you understand every part of it?
No - and I never affirmed that. But to patch, configure and compile a kernel is not that difficult. I think you know that. Martin -- martin.peikert@innominate.com innominate AG project manager the linux architects dipl. math. http://www.innominate.com tel: +49-30-308806-0 fax: -77 gpg: http://innominate.org/gpg/mpe.gpg