On Tue, Oct 25, 2016 at 9:38 AM, Peter Kjellström <cap at nsc.liu.se> wrote: > On Tue, 25 Oct 2016 08:29:33 -0400 > "Phelps, Matthew" <mphelps at cfa.harvard.edu> wrote: > > > On Tue, Oct 25, 2016 at 4:06 AM, Christian Anthon <anthon at rth.dk> > > wrote: > > > > > What is the best approach on centos 6 to mitigate the problem is > > > officially patched? As far as I can tell Centos 6 is vulnerable to > > > attacks using ptrace. > > > > > > There is a mitigation described here > > > > > > https://bugzilla.redhat.com/show_bug.cgi?id=1384344#c13 > > > > > > which doesn't fix the underlying problem, but at least protects > > > against known attack vectors. However, I'm unsure if the script > > > only applies to Centos 7, or if it also works on Centos 6? > > > > > > Cheers, Christian > > > > > > > > I have not been able to get this script to work on CentOS 6.8 > > > > I've installed kernel-debug, kernel-devel, kernel-debug-devel, > > kernel-debug-debuginfo, kernel-debuginfo-common and I still get: > > You have the wrong packages. You want "kernel-debuginfo" and > "kernel-debuginfo-common" for the running kernel. You've by mistake got > "kernel-debug-debuginfo" which is the debuginfo for the debug kernel > (not the normal kernel). > > /Peter K > Bingo. That was it. Thanks! -- Matt Phelps System Administrator, Computation Facility Harvard - Smithsonian Center for Astrophysics mphelps at cfa.harvard.edu, http://www.cfa.harvard.edu