05-19-2013, 19:24   #6
harrygunner
Interestingly, all the Red Hat Enterprise 6 clones (CentOS and Scientific Linux) we run have PERF_EVENTS selected in their kernels. Fortunately, our servers provide services and are not set up for users.

The thing I like about Linux is how quickly a fix shows up. One could either patch and rebuild their kernel or upgrade to a patched kernel within days of this coming to light. The May 16 RHEL 6 kernels '2.6.32-279.22.1.el6.x86_64' are patched.

This laptop is running kernel 3.9.2 that came out May 11 and it's patched.

This one was easy to patch, but difficult to stop with the usual precautions. For example, if the exploit could be written in Perl, a non-root user could run 'perl exploit.pl' in a /home directory that is mounted 'noexec'. SELinux would not have stopped it either.

It's better to have lots of eyes looking at openly available source code. That actually makes it harder for exploits to exist for long.

Linux is not perfect, but I prefer it a thousand times over Windows.

Edited to add: This one may not have been "long standing". It was back-migrated to older kernels. That gave the appearance it had been around since the introduction of those older kernels. So, while the potential existed, new kernels were patched within days of the existence of a practical exploit.

Last edited by harrygunner; 05-19-2013 at 19:31.
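Added example, not part of harrygunner's post: a harmless shell demonstration of the 'noexec' point above, showing that the kernel only refuses to execute the file itself, not an interpreter that reads it. Assumptions: a cleared execute bit stands in for a noexec mount (which needs root to set up), the function names are hypothetical, and the script content is a constructed sample.

```shell
#!/bin/sh
# In both cases (noexec mount, or no execute bit) execve() on the file is
# refused with EACCES, while an interpreter started from elsewhere only
# needs to *read* the file.

# Prints "direct=<blocked|ran> interpreter=<blocked|ran>" for a harmless script.
noexec_gap_demo() {
    dir=$(mktemp -d) || return 1
    script="$dir/hello.sh"             # constructed sample, prints one word
    printf '#!/bin/sh\necho ran\n' > "$script"
    chmod a-x "$script"                # stand-in for the noexec mount option

    # 1. Direct execution: the kernel is asked to execve() the file itself.
    if "$script" >/dev/null 2>&1; then direct=ran; else direct=blocked; fi

    # 2. Interpreter invocation: the kernel execve()s sh; the file is only data.
    if [ "$(sh "$script" 2>/dev/null)" = "ran" ]; then
        interp=ran
    else
        interp=blocked
    fi

    rm -rf "$dir"
    echo "direct=$direct interpreter=$interp"
}

# Reads /proc/mounts-format text on stdin and prints the mount points that
# carry the noexec option, i.e. the places where this gap applies.
noexec_mounts() {
    awk '{ n = split($4, o, ",")
           for (i = 1; i <= n; i++) if (o[i] == "noexec") print $2 }'
}

noexec_gap_demo
if [ -r /proc/mounts ]; then
    noexec_mounts < /proc/mounts
fi
```

For an audit, treat every mount point this lists as one where interpreted code can still run, and rely on a patched kernel rather than on the mount option.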