Dirty COW Vulnerability - Kernel Update Oct 21st - Page 4

Comments

  • @FlamesRunner said:
    tbh I don't even run a production OVZ node and I still updated before this kid

    What a surprise. How do you manage and still stay in high school?

  • moonmartin Member
    edited October 2016

    @jarland said:

    moonmartin said: Unless I am mistaken this exploit does not work over SSH.

    This is where your confusion comes from. This can be exploited via SSH by a privileged user. The user requires no access to the SolusVM console to exploit this. So at this point the reason that you want to fix it is because your customers have root access, and you can never say with 100% certainty what they'll do tomorrow. Should they add a privileged user at any point, they will then be in danger. The alternative, I suppose, would be to monitor their containers for new users and power them down if they add them. The upgrade, however, will take less time than this task.

    moonmartin said: I'm not interested in pissing contests about security

    I'm quite familiar with those. They lead you down a never ending rabbit hole of "nothing can ever be secure" to the point that, if you listen to them enough, you have no more customers and you've powered your servers off. That is not at all what is happening in this thread.

    moonmartin said: We certainly don't do and have no interest in low end stuff

    Quite frankly, if it's your job to decide whether or not to address this vulnerability and you jumped to the conclusion that privilege escalation requires direct mouse/keyboard access (like SolusVM's console basically is), then you really need to be more open to what other people suggest, because if you're not selling at low end prices then you have far more to lose. You need to quickly address this knowledge gap or bring on another employee who can fill that gap for you. Privilege escalation vulnerabilities in the kernel are not an edge scenario, it's not down the security pissing match rabbit hole at all, this is sysadmin 101. The words "privilege escalation" should have even the least security conscious among us jumping out of bed at 3AM to perform an emergency update.

    I'm not insulting your intelligence, I'm being brutally honest. For the sake of your customers, I hope you are able to dial down the pride just a bit and recognize your responsibility here.

    Thanks for being the first person in this thread to actually answer the question. Not too impressed with this board lately. Seems there are a group of regulars here who are only interested in finding people to gang up on. Seen it happen several times lately around here. Do these guys think they are selling themselves and their services by doing this?

    No problem for me to update my kernels. It's not about the how but the why. I want to understand what the risks actually are. You pretty much hit the nail on the head by saying:

    I'm quite familiar with those. They lead you down a never ending rabbit hole of "nothing can ever be secure" to the point that, if you listen to them enough, you have no more customers and you've powered your servers off.

    Security is about risk management. Not trying to plug all perceived, imagined, or not even fully understood threats. Too often I see people posting with hair on fire about how omg it needs to be fixed or else the world is going to end.

    Then you have the people who are so obsessed with security that they forgot one important thing. It still needs to be easy to use. As long as you are connected to the internet you will never be 100% secure so just throwing everything you can at everything always is what amateurs do.

  • netomx Moderator, Veteran

    @moonmartin said:

    @FlamesRunner said:
    tbh I don't even run a production OVZ node and I still updated before this kid

    What a surprise. How do you manage and still stay in high school?

    Read what @jarland said and stfu, please. You're more interested in drama than patching it.

  • AnthonySmith Member, Patron Provider
    edited October 2016

    I don't believe this is anything but a troll, the reality is all the information is already out there, you really don't need to ask on a forum once alerted, no reboot required (with kcare), and it takes less time than it took me to write this post to do it.

  • deadbeef Member
    edited October 2016

    @AnthonySmith said:
    I don't believe this is anything but a troll, the reality is all the information is already out there, you really don't need to ask on a forum once alerted, no reboot required (with kcare), and it takes less time than it took me to write this post to do it.

    But he's a PROFESSIONAL, wtf do you know you high school, GVH loving, kiddo?

    He's done a professional risk assessment and decided against patching and now you, a random provider on the internet have the nerve to claim otherwise? /s

  • AnthonySmith Member, Patron Provider

    @deadbeef said:

    @AnthonySmith said:
    I don't believe this is anything but a troll, the reality is all the information is already out there, you really don't need to ask on a forum once alerted, no reboot required (with kcare), and it takes less time than it took me to write this post to do it.

    But he's a PROFESSIONAL, wtf do you know you high school, GVH loving, kiddo?

    He's done a professional risk assessment and decided against patching and now you, a random provider on the internet have the nerve to claim otherwise? /s

    yeah my mistake sorry.

    Thanked by 1deadbeef
  • @moonmartin said:
    Security is about risk management. Not trying to plug all perceived, imagined, or not even fully understood threats. Too often I see people posting with hair on fire about how omg it needs to be fixed or else the world is going to end.

    Then you have the people who are so obsessed with security that they forgot one important thing. It still needs to be easy to use. As long as you are connected to the internet you will never be 100% secure so just throwing everything you can at everything always is what amateurs do.

    You're endangering your customers by even questioning it. It's called a security vulnerability for a reason. It should be patched without question depending on the severity, and this one is severe! This exploit is fully understood and serious, so what are you even on about?

  • moonmartin Member
    edited November 2016

    @Lunar said:

    @moonmartin said:
    Security is about risk management. Not trying to plug all perceived, imagined, or not even fully understood threats. Too often I see people posting with hair on fire about how omg it needs to be fixed or else the world is going to end.

    Then you have the people who are so obsessed with security that they forgot one important thing. It still needs to be easy to use. As long as you are connected to the internet you will never be 100% secure so just throwing everything you can at everything always is what amateurs do.

    You're endangering your customers by even questioning it. It's called a security vulnerability for a reason. It should be patched without question depending on the severity, and this one is severe! This exploit is fully understood and serious, so what are you even on about?

    I do fully understand it now thanks to one or two helpful people here. Not a serious issue for what I do but will patch it as part of normal maintenance.

    Gives me an excuse to try KernelCare. I don't want to have to reboot servers over this.

    If this didn't require local access then I could understand why people would have the opinion they know what is best for me and my customers. Does everyone here assume everyone does the same thing?
