updating the Linux kernel (was: Please help me unsubscribe)

gsl at linuxcolombia.com.co gsl at linuxcolombia.com.co
Fri Jun 9 19:57:01 PDT 2000

Guess that doing it node by node its better.. but what i think its better
its applyng the patch and renicing some jobs that eat the machine, or
replacing jobs from computer to another one up and free from load...

thats what i think, maybe im wrong..


On Fri, 9 Jun 2000, Martin Siegert wrote:

> After all that talk about the quality of IBM products I'd like to get
> back to more beowulf like stuff:
> Yesterday a bug was found (or made public on bugtraq) in the Linux
> kernel (in all 2.2 versions up to and including 2.2.15) that allows
> local users to gain root.
> highly recommended remedy: upgrade to 2.2.16
> My question now is how do you handle such an issue?
> Our beowulf is fully loaded with jobs.
> Some of these jobs run for about 30 days.
> Upgrading the kernel means killing those jobs ... and gives you some
> very unhappy users.
> If the bug would allow a remote root exploit I wouldn't have a choice,
> but to upgrade immediately.
> In this situation:
> (1) do you upgrade immediately?
> (2) do you say "I trust my local users they won't do anything bad"
>     and do nothing?
> (3) do you wait until RedHat comes out with patches?
> (4) something else (e.g., disable logins and upgrade node after node
>     when no jobs are running on them anymore).
> Cheers,
> Martin
> ========================================================================
> Martin Siegert
> Academic Computing Services                        phone: (604) 291-4691
> Simon Fraser University                            fax:   (604) 291-4242
> Burnaby, British Columbia                          email: siegert at sfu.ca
> Canada  V5A 1S6
> ========================================================================
> _______________________________________________
> Beowulf mailing list
> Beowulf at beowulf.org
> http://www.beowulf.org/mailman/listinfo/beowulf

More information about the Beowulf mailing list