WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

Re: [Xen-users] patch for vanilla kernel

On Tue, 26 Feb 2008, Tom Brown wrote:

On Tue, 26 Feb 2008, Pasi Kärkkäinen wrote:

 On Tue, Feb 26, 2008 at 07:39:54PM +0200, Subredu Manuel wrote:
> > Hi, > > I'm struggling for more than a week now, to build a 2.6.22.18 vanilla
>  kernel with xen support. I've read all the information sources related
>  to this issue that I have found, and still no solution for this
>  (theoretically) simple issue.
> Can someone please point me into the right direction ? I'm really stuck > . >
 Official Xen releases contain Xenlinux patches only for Linux 2.6.18
 kernel.

 Some distributions have forward ported these patches to newer kernels, but
 they tend to have more bugs and less testing..

 So I'd recommend you to use the official 2.6.18 kernels.

I can not agree with that. If you're messing around on your desktop machine, ok... you've already got root and you are the only user... security patches aren't important in that scenario ... but if you're providing real services to real users, and you don't want some script kiddie wiping out your box starting from a PHP or SQL injection exploit, then you need to be using kernels that aren't 18 months out of date.

Sorry, even that isn't very well written... Most linux security patches are for local exploits (priveledge escalation), and these aren't very relevent if you are the only user and you already have root :)

I'm not aware of any recent remote exploits against the linux kernel. If there were then the above generalization is out to lunch.

-Tom
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users