As H D Moore wrote: It's your own fault if you get rooted. If you are not able to compile a kernel by yourself with the patches you need, go and read the Kernel-HOWTO, the files in /usr/src/linux/Documentation and some man pages instead of moaning in public.
Yeah, I agree completely. I mean if you can't fix kernel source code or ntpd source code or cron source code or samba source code on your own and recompile it you deserve to be rooted. If you fail to hire armed guards and protect your house adequately it's TOTALLY your fault if someone breaks into your house and steals stuff. No, this is just the wrong way. The kernel is the most important part for a running system. You can turn off samba, or cron, but turning off the kernel is ... *mmmhh* ... stupid ..
Everyone caring a little bit, should be able to recompile a kernel, and it is not very hard to learn, too. Distributors will _never_ be fast enough to rapair a kernel hole in reasonable time. As far as I remember, SuSe has made a patched 2.2.18 kernel, which _is_ secure. Markus -- _____________________________ /"\ Markus Gaugusch ICQ 11374583 \ / ASCII Ribbon Campaign markus@gaugusch.dhs.org X Against HTML Mail / \