I want to chime in here also, I too was unhappy that I did not know about a local root exploit in 2.4.22 until the Debian machines were compromised in this manner. I think a lot of people were in the same boat (not to mention the debian folks). I watch kerneltrap, kernel traffic, and slashdot fairly regularly for these purposes, and I did not see anything of this sort come through, otherwise I would have patched immediately (which is what I did last night when I received the information).
What do you want? It was a mistake. It happens. Deal with it. If people
had realized it was an exploit it would have been dealt with
differently.
Mike Stone
-- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
