updating the Linux kernel (was: Please help me unsubscribe)

Martin Siegert siegert at sfu.ca
Fri Jun 9 18:48:32 PDT 2000


After all that talk about the quality of IBM products I'd like to get
back to more beowulf like stuff:

Yesterday a bug was found (or made public on bugtraq) in the Linux
kernel (in all 2.2 versions up to and including 2.2.15) that allows
local users to gain root.

highly recommended remedy: upgrade to 2.2.16

My question now is how do you handle such an issue?
Our beowulf is fully loaded with jobs.
Some of these jobs run for about 30 days.
Upgrading the kernel means killing those jobs ... and gives you some
very unhappy users.
If the bug would allow a remote root exploit I wouldn't have a choice,
but to upgrade immediately.

In this situation:
(1) do you upgrade immediately?
(2) do you say "I trust my local users they won't do anything bad"
    and do nothing?
(3) do you wait until RedHat comes out with patches?
(4) something else (e.g., disable logins and upgrade node after node
    when no jobs are running on them anymore).

Cheers,
Martin

========================================================================
Martin Siegert
Academic Computing Services                        phone: (604) 291-4691
Simon Fraser University                            fax:   (604) 291-4242
Burnaby, British Columbia                          email: siegert at sfu.ca
Canada  V5A 1S6
========================================================================




More information about the Beowulf mailing list