Re: Sun Solaris login bug patches out
From: Cy Schubert - ITSD Open Systems Group (Cy.Schubert@uumail.gov.bc.ca)Date: 12/27/01
- Previous message: Casper Dik: "Re: /usr/bin/login patch question"
- In reply to: Mike D. Kail: "Re: Sun Solaris login bug patches out"
- Next in thread: Jan-Philip Velders: "Re: Sun Solaris login bug patches out"
- Next in thread: Reg Quinton: "RE: login security bug"
- Reply: Jan-Philip Velders: "Re: Sun Solaris login bug patches out"
- Reply: Warren Belfer: "Re: Sun Solaris login bug patches out"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca> To: "Mike D. Kail" <mdkail@verance.com> Date: Thu, 27 Dec 2001 14:24:16 -0800
In message <200112242238.fBOMcka01006@marathon.verancecorp.com>, "Mike
D. Kail"
writes:
> On Mon, 24 Dec 2001 09:04:52 EST, "Levenglick, Jeff" wrote:
> >
> > I agree that it is not required, but it is always a good idea to reboot
> > if/when you can to
> > clear everything. Because this involved a security issue, without rebooting
> > you would need
> > to make sure nobody is logged in before you added the patch. ie: What if
> > someone is in as
> > an exploited root?
>
> if someone is in because of an exploited root, you have far more problems
> than are solved by a simple reboot.
>
> i, personally, am of the 'anti-M$' mentality that one shouldn't reboot a
> unix box ``just because''.
That doesn't make any sense at all. A UNIX box with a high uptime is
indicative of that box not being maintained with the latest security
patches. IMO I think it's a shame that this attitude is part of the
UNIX culture. A maintenance schedule that installs patches at regular
intervals, including kernel patches which require a reboot, and
including all security patches is a definite must. If I were cracker,
I'd target UNIX systems with 3+ months of uptime because I'd have a
better probability of finding exploitable bugs.
Why a system has been rebooted is more important than how often.
Regards, Phone: (250)387-8437
Cy Schubert Fax: (250)387-5766
Team Leader, Sun/Alpha Team Email: Cy.Schubert@osg.gov.bc.ca
Open Systems Group, ITSD
Ministry of Management Services
Province of BC
FreeBSD UNIX: cy@FreeBSD.org
- Previous message: Casper Dik: "Re: /usr/bin/login patch question"
- In reply to: Mike D. Kail: "Re: Sun Solaris login bug patches out"
- Next in thread: Jan-Philip Velders: "Re: Sun Solaris login bug patches out"
- Next in thread: Reg Quinton: "RE: login security bug"
- Reply: Jan-Philip Velders: "Re: Sun Solaris login bug patches out"
- Reply: Warren Belfer: "Re: Sun Solaris login bug patches out"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
