updating the Linux kernel (was: Please help me unsubscribe)
Martin Siegert
siegert at sfu.ca
Fri Jun 9 18:48:32 PDT 2000
After all that talk about the quality of IBM products I'd like to get
back to more beowulf like stuff:
Yesterday a bug was found (or made public on bugtraq) in the Linux
kernel (in all 2.2 versions up to and including 2.2.15) that allows
local users to gain root.
highly recommended remedy: upgrade to 2.2.16
My question now is how do you handle such an issue?
Our beowulf is fully loaded with jobs.
Some of these jobs run for about 30 days.
Upgrading the kernel means killing those jobs ... and gives you some
very unhappy users.
If the bug would allow a remote root exploit I wouldn't have a choice,
but to upgrade immediately.
In this situation:
(1) do you upgrade immediately?
(2) do you say "I trust my local users they won't do anything bad"
and do nothing?
(3) do you wait until RedHat comes out with patches?
(4) something else (e.g., disable logins and upgrade node after node
when no jobs are running on them anymore).
Cheers,
Martin
========================================================================
Martin Siegert
Academic Computing Services phone: (604) 291-4691
Simon Fraser University fax: (604) 291-4242
Burnaby, British Columbia email: siegert at sfu.ca
Canada V5A 1S6
========================================================================
More information about the Beowulf
mailing list