Scripsit Yven Johannes Leist <[EMAIL PROTECTED]> > Well, I for one would love to see a security announcement one day, which > contains something like: > > "All users running the standard Debian kernel are not affected, since the > special security features the Debian kernel contains prevent the > exploit/attack in question." :)
Hm, what I've been able to glean from the discussions seems to imply that any software that's vulnerable to a remote access exploit *without* the kernel-level protection in question, would still at least be vulneable to a DoS attack, killing the server (or whatever) process instead of giving the attacker actual control. So we'd still want to provide security updates to the same extent as without. -- Henning Makholm "Hele toget raslede imens Sjælland fór forbi."