updating the Linux kernel (was: Please help me unsubscribe)
gsl at linuxcolombia.com.co
gsl at linuxcolombia.com.co
Fri Jun 9 19:57:01 PDT 2000
Guess that doing it node by node its better.. but what i think its better
its applyng the patch and renicing some jobs that eat the machine, or
replacing jobs from computer to another one up and free from load...
thats what i think, maybe im wrong..
GERARDO
On Fri, 9 Jun 2000, Martin Siegert wrote:
> After all that talk about the quality of IBM products I'd like to get
> back to more beowulf like stuff:
>
> Yesterday a bug was found (or made public on bugtraq) in the Linux
> kernel (in all 2.2 versions up to and including 2.2.15) that allows
> local users to gain root.
>
> highly recommended remedy: upgrade to 2.2.16
>
> My question now is how do you handle such an issue?
> Our beowulf is fully loaded with jobs.
> Some of these jobs run for about 30 days.
> Upgrading the kernel means killing those jobs ... and gives you some
> very unhappy users.
> If the bug would allow a remote root exploit I wouldn't have a choice,
> but to upgrade immediately.
>
> In this situation:
> (1) do you upgrade immediately?
> (2) do you say "I trust my local users they won't do anything bad"
> and do nothing?
> (3) do you wait until RedHat comes out with patches?
> (4) something else (e.g., disable logins and upgrade node after node
> when no jobs are running on them anymore).
>
> Cheers,
> Martin
>
> ========================================================================
> Martin Siegert
> Academic Computing Services phone: (604) 291-4691
> Simon Fraser University fax: (604) 291-4242
> Burnaby, British Columbia email: siegert at sfu.ca
> Canada V5A 1S6
> ========================================================================
>
> _______________________________________________
> Beowulf mailing list
> Beowulf at beowulf.org
> http://www.beowulf.org/mailman/listinfo/beowulf
>
More information about the Beowulf
mailing list