| 1 |
On Wed, 2004-03-17 at 13:44, Michael Atighetchi wrote: |
| 2 |
> On Wed, Mar 17, 2004 at 01:08:56PM -0500, Ned Ludd wrote: |
| 3 |
> > On Wed, 2004-03-17 at 12:46, Michael Atighetchi wrote: |
| 4 |
> > > On Mon, Mar 15, 2004 at 08:20:31PM -0500, Ned Ludd wrote: |
| 5 |
> > > > hardened-dev-sources-2.6 is available for "testing" |
| 6 |
> > > > |
| 7 |
> > > |
| 8 |
> > > <snip> |
| 9 |
> > > |
| 10 |
> > > > Oh wait one more thing.. If you really care about security you probably |
| 11 |
> > > > should stick with 2.4.x |
| 12 |
> > > > |
| 13 |
> > > |
| 14 |
> > > Could you explain more why you think 2.6 is "less" secure thatn 2.4 ? |
| 15 |
> > |
| 16 |
> > I'm not saying that 2.6.x is less secure in anyway. 2.6.x has been out |
| 17 |
> > all of what a few months? And the security patches even less time. So |
| 18 |
> > without proper security regression tests done for 2.6.x yet I'll stick |
| 19 |
> > with recommending that it not be used for production environments yet. |
| 20 |
> > 2.4.x on the other hand has been audited by many sets of eyes where |
| 21 |
> > 2.6.x has probably been reviewed by a few. |
| 22 |
> > |
| 23 |
> > Auditing and regression testing is welcome. |
| 24 |
> > |
| 25 |
> I see. We starting using a 2.4 gentoo linux distribution a couple of |
| 26 |
> months ago, and had good luck with it. However, we ran into install |
| 27 |
> difficulties with the 2.6 live cd, which were painfull but we worked |
| 28 |
> around them. |
| 29 |
> |
| 30 |
> However, we currently face an issue with stdout redirection. We start |
| 31 |
> our java processes via a .sh script and redirect stdout/stderr to a file via |
| 32 |
> > file.txt 2>&1 . By changing from 2.4 to 2.6 we noticed that |
| 33 |
> file.txt gets created when the .sh script starts up, up it does not |
| 34 |
> get any content for a while (about 6 minutes and about 100k of |
| 35 |
> log), after which the whole file shows up. It looks like a buffering |
| 36 |
> problem of sort. |
| 37 |
> |
| 38 |
> We are using |
| 39 |
> Linux dcaf 2.6.4-rc2-mm1 #2 Mon Mar 15 17:33:02 EST 2004 i686 Pentium III (Coppermine) GenuineIntel GNU/Linux |
| 40 |
> with the following fs |
| 41 |
> /dev/hda3 on / type ext3 (rw,noatime) |
| 42 |
> |
| 43 |
> Any clues ? |
| 44 |
|
| 45 |
nope I sure don't.. |
| 46 |
Anybody else with a cluestick have an idea? |
| 47 |
|
| 48 |
> |
| 49 |
> Michael |
| 50 |
> |
| 51 |
> |
| 52 |
> > -peace |
| 53 |
> > |
| 54 |
> > > |
| 55 |
> > > Michael |
| 56 |
> > > |
| 57 |
> > > |
| 58 |
> > > > -peace |
| 59 |
> > > > |
| 60 |
-- |
| 61 |
Ned Ludd <solar@g.o> |
| 62 |
Gentoo Linux Developer |
Archives