On 03/05/2012 23:43, Robert Bonomi wrote: > Amazingly, this very question was covered on this list within the last few > hours. <grin>
It's not that much of a coincidence. We always get a rash of queries
like this every time there's a security advisory and consequently a lot
of people are updating.
> Executive summary:
> the kernel ID string that uname reports changes only when the -kernel- is
> changed.
>
> -p4, -p5, -p6, and -p7. have -not- involved any changes to the kernel.
> hence the ID string has stayed at '-p3'.
>
> While this _is_ counter-intuitive, it does make sense to avoid pushing a
> new k ernel out, and/or forcing an admin to rebuild a custom kernel, when
> the -only- change would be to the ID string.
I wonder if it would be possible or indeed worthwhile to have a very
small kld or sysctl that shows the current patch level and that can be
updated without replacing the kernel entire. Obviously, this introduces
the possibility of faking the patchlevel, so perhaps this should be
constructed so it can only be modified on reboot.
Hmmmm....
Matthew
--
Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard
Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
JID: matt...@infracaninophile.co.uk Kent, CT11 9PW
signature.asc
Description: OpenPGP digital signature
