On Mon, 11 Feb 2008, Ross S. W. Walker wrote:
> Dag Wieers wrote:
> > On Mon, 11 Feb 2008, jarmo wrote:
> >
> > > Ofcource there's a way, get vanilla kernel 2.6.24.2 and use
> > old config
> > > compile it and run. I've done it.
> >
> > And *poof* you lost all support or reproducability that
> > people crave when
> > using CentOS or RHEL.
> >
> > So yes, it is a possibility, but probably unlikely when
> > people have chosen
> > CentOS or RHEL. And especially for those systems that are considered
> > production (or important) and that are the most vulnerable you may not
> > want to do this. (Or maybe instead you need to !)
>
> Yes, true, but say you are running a shell account system and want to
> know it isn't vulnerable, can't wait until upstream provides a fix
> and don't want to run some possibly flaky work-around patch, what
> then?
>
> I think one needs to weigh the consequences in these scenarios instead
> of saying it should be all one way or the other.
Then I would opt to patch the latest Red Hat kernel with eg. the Debian
patch rather than running a 2.6.24.2 kernel that may have numerous
yet-unknown compatibility problems with parts of the system that interact
with the kernel. And I would make an RPM out of it that upgrades smoothly
to the next CentOS release.
But then again, this would be advice for a minority and not something I
would recommend to everyone on this list.
--
-- dag wieers, dag@xxxxxxxxxx, http://dag.wieers.com/ --
[Any errors in spelling, tact or fact are transmission errors]
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
