Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 13 Jul 2004 12:58:59 +0200
From:      Phil Schulz <ph.schulz@gmx.de>
To:        Mark <admin@asarian-host.net>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: Is it safe to keep /kernel.old?
Message-ID:  <40F3C073.9050402@gmx.de>
In-Reply-To: <200407131018.I6DAIASL045534@asarian-host.net>
References:  <200407131018.I6DAIASL045534@asarian-host.net>

next in thread | previous in thread | raw e-mail | index | archive | help
[Please wrap your lines]

Mark wrote:
[...]
> My question is, though, is it safe to keep /kernel.old?
[...]
> I am not sure whether users could actually use the old kernel (once in 
> multi-user mode). Still, I wonder if this concern is valid at all. Or 
> whether I should perhaps get rid of the old kernel.

Mark,

I'd say there is no problem in keeping the old kernel around. Even if 
you had to apply a security patch to the current kernel. After applying 
the patch, re-compiling and installing the new kernel, /kernel.old would 
indeed contain the old security hole. However, as long as nobody can 
boot that old kernel, no harm can be done. If an attacker is actually 
able to boot your old vulnerable kernel, then he won't need to exploit 
the security whole anymore :-)

Phil.



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?40F3C073.9050402>