nate wrote:
Ryan Nichols wrote:
and if i go back to grub take the old kernel its happy.. werid..
Sounds like you should just stick to the old kernel, what's in the new kernel that you need anyways? Is the system in a secure place?(e.g. separate firewall protecting it, not directly on the internet, don't have untrusted users logging in).
If so, then you really have little to worry about, there is not much interesting things released in the newer minor version releases of the kernel in RHEL/CentOS. It's that way on purpose.
In my experience having all your systems completely up to date is rare. The environment I stepped into a few months ago for example is running RHEL 4 Update 1 for the most part. They still run windows 2000 on several systems, and I don't think they've patched them recently. But the nature of the environment and the users that interact on it don't keep me up at night like a system directly connected to the internet with untrusted users. It'll probably take me the next 6 months to get everything more up to date in this particular environment, it has a lot of interdependencies. And by that point it should be easier to manage going forward, but we'll still probably won't install updates sooner than a month or two after they come out in general because that stuff takes time to test and deploy.
Hopefully your not in a situation where you have untrusted users, if so you should replace the hardware with something that is better supported, or abstract the exposure to the system with something like virtualization, certainly not perfect but it's better then nothing, it will help dramatically against the most common, casual attacks.
nate
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
We're trying to get support from a 3rd party software we use and they are insiting we goto the current versions of everything for there software before they'll move forward on the support.
Thanks, Ryan Nichols