Hi, so what do we learn about this? Never do a automatic Update and run YOU interactive. It would have mentioned about rebooting ;-) Or didn`t you read the messages? SCNR Now a Question to the List and to SuSE ;-) What about a YOU option to spezify the Mailaddress where YOU-Messages are mailed to in auto-Mode? Or did i just overread this in the MAN-Pages ?!? Greetings Dirk Olivier M. schrieb:
On Sun, Nov 30, 2003 at 12:48:23AM +0100, Olivier M. wrote:
Well... I thought that ptrace problem has been fixed... ? (in suse 8.2 it's fine, the exploit is not working)
Conclusion: after a reboot:
om@box:~/tmp2> ./ptrace [*] PID of Parent: 23839 [*] PID of Child: 23840 [*] Attaching to PID 23841 Killed
So the system was uptodate and correctely patched all the time, but the "problem" was just the uptime of 103 days. Server should have been rebooted to activate the protection, which is indeed pretty logical in case of kernel upgrade (openssh update : restart ssh service, kernel update: restart server).
Thanks to all for the great support & advices and sorry for all that noise. At least we won't make the same mistake again later :)
Something is still strange: the ptrace exploit appeared around March/April 2003, and the fixed (suse-)kernel for 8.1 only in August ?
Regards, Olivier