Dirty COW (CVE-2016-5195) is a privilege escalation vulnerability in the Linux
Kernel
http://dirtycow.ninja/
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
And?
Honestly, the way people create names and websites for these things, you'd
think it's a fund-raiser for something, not a critical security bug.
On Fri, Oct 21, 2016 at 5:22 PM, I wrote:
> Dirty COW (CVE-2016-5195) is a privilege escalation vulnerability in the
> Linux Kernel
>
> http://dir
Test, not working on my side. Some demos on your side?
Le 22/10/2016 à 00:22, I a écrit :
> Dirty COW (CVE-2016-5195) is a privilege escalation vulnerability in the
> Linux Kernel
>
> http://dirtycow.ninja/
>
>
> ___
> tor-relays mailing list
> tor-r
On 10/21/2016 06:23 PM, Tristan wrote:
> And?
>
> Honestly, the way people create names and websites for these things,
> you'd think it's a fund-raiser for something, not a critical security bug.
Tristan, they know this. They are even good-natured enough to make fun
of it themselves. From http://
https://security-tracker.debian.org/tracker/CVE-2016-5195
Remember,
to know your current debian linux kernel : uname -a
If your kernel is not up to date :
apt-get update && apt-get dist-upgrade && reboot
I :
> Dirty COW (CVE-2016-5195) is a privilege escalation vulnerability in the
> Linux Ker
Would it be acceptable to configure unattended-upgrades to automatically
reboot the system when required? I already have it configured to check for
and install all updates to Ubuntu and Tor once a day, but I still need to
manually reboot to apply kernel upgrades.
On Sat, Oct 22, 2016 at 6:26 PM, P
I don't think it would be a terrible idea but it is always possible that
your server will fail to reboot after a kernel upgrade. This leaves it
offline without a general idea of why it is offline. I do use
unattended-upgrades to automatically restart most services though.
On Sat, Oct 22, 2016 at
On 10/22/2016 08:02 PM, Tristan wrote:
> Would it be acceptable to configure unattended-upgrades to automatically
> reboot the system when required? I already have it configured to check
> for and install all updates to Ubuntu and Tor once a day, but I still
> need to manually reboot to apply kerne
Hate to tell you this, but both problems are still a reality whether the
machine reboots automatically or not. If I manually reboot for a kernel
update that breaks network access, I still won't have SSH. And if I reboot
manually after every kernel update, my stability will still suffer.
On Oct 22,
I don't know if it's possible to load a new kernel without rebooting...
But I think people who doesn't want to reboot because feared of a bad
reboot, loose SSH or anything else... If OS's teams are updating a
system for security, I prefer a bad reboot (backups are done before!)
than a system with
> Would it be acceptable to configure unattended-upgrades to automatically
> reboot the system when required? I already have it configured to check for
> and install all updates to Ubuntu and Tor once a day, but I still need to
> manually reboot to apply kernel upgrades.
I think
Unattended-Upgrad
> Second, you will reduce the uptime and stability of
> your relay, thus it will lose consensus weight if you reboot the machine
> once a day.
Unattended-Upgrade::Automatic-Reboot "true";
Does not reboot your machine "once a day", it reboots when a new kernel
requires a reboot. Which on Debian s
I know some people using this for applying kernel updates without
rebooting, but don't know how good it is:
https://www.cloudlinux.com/all-products/product-overview/kernelcare
On 23 October 2016 at 09:16, nusenu wrote:
> > Second, you will reduce the uptime and stability of
> > your relay, th
Hi folks,
I think this is a very extreme and unnecessary solution. While it is good to
keep relays up, this may be unreliable. It is good to perform maintenance
regularly, and reboots are often best.
Also, it appears to be proprietary technology. I would not advise proprietary
technology on a T
Rebooting also makes sure updates are applied correctly. If a shared
library updates, the old version is still in use until whatever program
using it stops, and the new version is loaded on the next run.
On Oct 23, 2016 10:07 PM, "Duncan Guthrie" wrote:
> Hi folks,
>
> I think this is a very ext
15 matches
Mail list logo