Serveral distributors have already published updates... What is the problem with SuSE? A crisis? This is probably the "worst" exploit up to now and a big problem for all networks with many login accounts (web sites, schools, universities etc). So the options I have are 1) Compile and install my own kernel 2) Disable logins until SuSE comes with a new kernel 3) Switch to a distribution which provides the necessary updates Not funny at all Best regards Martin
Martin Fahlgren <martin@as3-1-1.hn.g.bonet.se> wrote:
Serveral distributors have already published updates... What is the problem with SuSE? A crisis?
This is probably the "worst" exploit up to now and a big problem for all networks with many login accounts (web sites, schools, universities etc).
So the options I have are 1) Compile and install my own kernel 2) Disable logins until SuSE comes with a new kernel 3) Switch to a distribution which provides the necessary updates
You are kidding, aren't you? Martin -- martin.peikert@innominate.com innominate AG dipl. math. the linux architects project manager http://www.innominate.com tel: +49-30-308806-0 fax: -77 gpg: http://innominate.org/gpg/mpe.gpg
So the options I have are 1) Compile and install my own kernel 2) Disable logins until SuSE comes with a new kernel 3) Switch to a distribution which provides the necessary updates
* Martin Fahlgren wrote on Tue, May 08, 2001 at 01:08 +0200: 4) use a simple workaround I don't think that this is really secure or so, but at least it should help against some script kiddies... See attachment. This was posted on bugtraq in March or April. No warranty at all and standard disclaimer applies :) oki, Steffen -- Dieses Schreiben wurde maschinell erstellt, es trägt daher weder Unterschrift noch Siegel.
participants (3)
-
Martin Fahlgren -
Martin Peikert -
Steffen Dettmer