On Mon, 6 Feb 2012 20:00:02 +0100 Jan-Frode Myklebust <janfrode@xxxxxxxxx> wrote: > On Mon, Feb 06, 2012 at 11:59:53AM -0500, Bill Nottingham wrote: > > Stephen John Smoogen (smooge@xxxxxxxxx) said: > > > > > Discussion from irc today pointed out the..... difficulty > > > > > with our security with prelink running on our systems. > > > > Is this a general issue that should be pushed up the stack? > > > > http://magazine.redhat.com/2007/10/16/uli-drepper-part-5-preventing-exploits/ > > ".. prelinking should really, not ever, be used for > frontline machines" -- Uli Drepper. > > Well it is now undone. This morning I went through and un-prelinked all of our systems, marked prelink to be removed in our ks.cfg %packages, disabled prelinking on the systems, and, once kevin pushes the new rkhunter out - I will purge prelink from our systems. So - hopefully we are just that little bit more better off. -sv _______________________________________________ infrastructure mailing list infrastructure@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/infrastructure