[Please wrap your lines]
Mark wrote: [...]
My question is, though, is it safe to keep /kernel.old?[...]
I am not sure whether users could actually use the old kernel (once in multi-user mode). Still, I wonder if this concern is valid at all. Or whether I should perhaps get rid of the old kernel.
I'd say there is no problem in keeping the old kernel around. Even if you had to apply a security patch to the current kernel. After applying the patch, re-compiling and installing the new kernel, /kernel.old would indeed contain the old security hole. However, as long as nobody can boot that old kernel, no harm can be done. If an attacker is actually able to boot your old vulnerable kernel, then he won't need to exploit the security whole anymore :-)
Phil. _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"