On Tue, Oct 25, 2016 at 9:38 AM, Peter Kjellström cap@nsc.liu.se wrote:
On Tue, 25 Oct 2016 08:29:33 -0400 "Phelps, Matthew" mphelps@cfa.harvard.edu wrote:
On Tue, Oct 25, 2016 at 4:06 AM, Christian Anthon anthon@rth.dk wrote:
What is the best approach on centos 6 to mitigate the problem is officially patched? As far as I can tell Centos 6 is vulnerable to attacks using ptrace.
There is a mitigation described here
https://bugzilla.redhat.com/show_bug.cgi?id=1384344#c13
which doesn't fix the underlying problem, but at least protects against known attack vectors. However, I'm unsure if the script only applies to Centos 7, or if it also works on Centos 6?
Cheers, Christian
I have not been able to get this script to work on CentOS 6.8
I've installed kernel-debug, kernel-devel, kernel-debug-devel, kernel-debug-debuginfo, kernel-debuginfo-common and I still get:
You have the wrong packages. You want "kernel-debuginfo" and "kernel-debuginfo-common" for the running kernel. You've by mistake got "kernel-debug-debuginfo" which is the debuginfo for the debug kernel (not the normal kernel).
/Peter K
Bingo. That was it. Thanks!