| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <200511080148.jA81mTAK014529@turing-police.cc.vt.edu> Date: Tue Nov 8 01:48:40 2005 From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks@...edu) Subject: Security Updates Without Rebooting On Tue, 08 Nov 2005 09:03:32 +1000, Stuart Low said: > Well, if you have a customised kernel you'll probably find that your > need to reboot with a new kernel becomes fairly low (Kernel level > exploits are fairly rare, especially remote ones). > > If you've upgraded services probably the easiest way to ensure they're > loaded with the latest version would be to drop the system to single > user mode then bring it back up to multiuser mode (ala, init 2, init 3). Or, if you're able to identify "I only applied an Apache patch", you may very well be able to only restart that one service. For RedHat/Fedora systems, you'd do this with 'service httpd restart' (or replace httpd with the name of the /etc/init.d script that starts/stops the service in question). For other systems, you should be able to find a similar "stop then restart" for the specific daemon in question. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 226 bytes Desc: not available Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20051107/aea2a80f/attachment.bin
Powered by blists - more mailing lists