On Thu, Oct 26, 2000 at 02:37:37AM -0700, kmself@ix.netcom.com wrote: > > 2.2.17 is recommended to fix a set of root-level exploits (local, > IIRC) in the 2.2.9 (?) - 2.2.16 series. Prior to 2.2.9, there were, > IIRC, some memory issues or other random bugs. I'm running 2.2.17 at > home and 2.2.4pre8 at work.
actually the security fixes are in 2.2.16 if your refering to the capabilities/suid bug. there are no significant security fixes local or remote in 2.2.17. (according to Alan Cox's changelog) the cap bug affected all the 2.2 series up to 2.2.16 which was released to fix it. 2.2.17 fixes some VM issues and other stability problems that existed in .16 due to its rushed state. > The 2.0.3[678] series is actually pretty good, and if you don't need > features added in later kernels, is probably a good choice for a secure > box. If you've got any external exposure or foreign users on your box, > I'd tidy that up. there are some security issues with 2.0 kernels 2.0.38 is fairly good iirc. -- Ethan Benson http://www.alaska.net/~erbenson/
pgpSUSRbCTelj.pgp
Description: PGP signature
