It would be interesting if someone does the experiment of testing in an upathced Debian system with grsecurity kernel running. To my understanding PAX and Grsecurity might mitigate this problem, and of course future problems like this.
2015-01-30 0:30 GMT-06:00 Paul Wise <[email protected]>: > On Fri, 2015-01-30 at 00:22 -0600, Marco Galicia wrote: > > > Does using something like the Grsecurity kernel helps prevent these > > type of vulnerabilities? > > grsec can mitigate weaknesses in other software but it does not prevent > those vulnerabilities from existing, it can just change the effects of > being attacked through those vulnerabilities. > > > In Ghost case, a Grsecurity kernel would help? > > I haven't seen any analysis of that but as it is supposed to help with > memory corruption-based exploits it should help here. > > > doesn't apticron does the same job as your script? > > Yes. > > PS: No need to CC folks who are clearly subscribed to the list. > > -- > bye, > pabs > > https://wiki.debian.org/PaulWise > > -- *Por favor, evite enviarme documentos adjuntos en formato Word Excel o PowerPoint.Como alternativa puede enviarme documentos en formato odt, odx u ods, además de documentos en formato pdfSi realmente es necesario enviarme un documento en formato Word, por favor utilize el formato .doc en lugar de .docx Vea http://www.gnu.org/philosophy/no-word-attachments.html <http://www.gnu.org/philosophy/no-word-attachments.html>http://es.libreoffice.org/ <http://es.libreoffice.org/>http://getgnulinux.org/es <http://getgnulinux.org/es>*
