or use Debian and run apt-get update; apt-get upgrade every day. On stable
all you will get is security updates.
If you want to review the fixes before installing them use --download-only
on the upgrade and then you can
install them at your leasure and have them downloaded ready for you every
morning (if there are any that day).
David
Alan Altmark
<Alan_Altmark@u To: [EMAIL PROTECTED]
s.ibm.com> cc:
Sent by: Linux Subject: Re: Probably the first
published shell code example
on 390 Port for Linux/390
<[EMAIL PROTECTED]
ARIST.EDU>
30/10/2002
15:10
Please respond
to Linux on 390
Port
On Wednesday, 10/30/2002 at 08:33 CST, Dennis Wicks <[EMAIL PROTECTED]>
wrote:
> Greetings;
>
> They key phrase here is "(if they get in)".
>
> The article itself isn't even up to the "Assembler For Dummies"
> level and doesn't reveal any great secrets about getting into
> the system.
>
> This is just the latest in a long string of writings by someone
> who doesn't know much about S/390 systems for others who don't
> know anything about S/390 systems. All it does is increase the
> authors prestige among his peers and spread FUD amongst the
> uninformed.
>
> Now, if the article detailed an exploit of a buffer overrun
> in Apache or Websphere on Linux/390 that would allow execution of
>
> rm -r /
>
> as root, that would be cause for alarm!
As "Resident VM Security Guy", let me encourage you to stay on top of
security updates, whether for IBM products or Linux. The hacking of Linux
on the mainframe has begun (began a while back, in fact). The fact that
S/390 is relatively unknown to general Hackerdom simply, I think,
increases the prestige. It's another tech hurdle to jump and on the other
side is Mainframe and Big Business....tempting targets.
It's yet another reason to get a Linux support contract.
Alan Altmark
Sr. Software Engineer
IBM z/VM Development
