Is it safe to keep /kernel.old?
Phil Schulz
ph.schulz at gmx.de
Tue Jul 13 03:59:40 PDT 2004
[Please wrap your lines]
Mark wrote:
[...]
> My question is, though, is it safe to keep /kernel.old?
[...]
> I am not sure whether users could actually use the old kernel (once in
> multi-user mode). Still, I wonder if this concern is valid at all. Or
> whether I should perhaps get rid of the old kernel.
Mark,
I'd say there is no problem in keeping the old kernel around. Even if
you had to apply a security patch to the current kernel. After applying
the patch, re-compiling and installing the new kernel, /kernel.old would
indeed contain the old security hole. However, as long as nobody can
boot that old kernel, no harm can be done. If an attacker is actually
able to boot your old vulnerable kernel, then he won't need to exploit
the security whole anymore :-)
Phil.
More information about the freebsd-questions
mailing list