Linux is a SECURITY DISASTER!!!!!!!!!!!!!! 4769
Jean-David Beyer
I use Gentoo Linux to run a webserver, DNS, and DHCP among other things. I install only that which is needed to run the services I want, so I get a lot less security issues than say RH with everything installed, but I do still get a few security updates. Last month I think I had 3. They were along the lines of:
"A local attacker...execute arbitrary code with the privileges of the user executing the perl script..."
Which is basically a none issue but I update anyway. It's a non issue because 1) the attacker would have to be allowed into the system already and nobody is, 2) it just executes at the user's level, 3) I write every perl script I execute as root.
Hi guys. I've settled on Vector Linux 4.3 for my old P3-866MHz comp with 128MB of RDRAM. It is really fast, and I like the...
That's an interesting concept. Please excuse those questions below that may result from my lack of...
So in order to use this exploit the attacker would already have to own me...they would have to be able to overwrite programs and libs that have root only write permissions.
I wrote a cron script that does an esync every night and then runs glsa-check on the system and emails me if there is a problem. I can go weeks without getting any "security issues" at all and when I do they are almost always minor or non-issues (on the second tuesday of every month a local user could theoretically sacrifice a large animal under a full moon and, if they have direct access to your terminal, could cause Linux to hiccup for a second or two if they know the right incantations)...but they are so easy to fix I just do it anyway.
So, as a professional Linux admin and programmer I have to disagree with the knee jerk reactions of this troll to a few lists on a security alert website.
Vector Linux & USB ADSL modem problems 4770
Linux groups from Newsgroups