As many have pointed out, there's no real point to "exploiting" a machine that you already have full (root) access to - with one exception: virtual servers.
The whole 'danger' of this exploit is that it enables a virtual server's "privileged" "root" user to gain hypervisor access, which is equivalent to taking over the entire physical machine and any/all other virtual servers hosted on said machine.
If you don't run a virtual server farm, this exploit means absolutely nothing to you. If you do, it's a very easy, scary way whereby any of your "clients" can take over your physical machines and access all of the other virtual servers hosted on the same piece of hardware.
I think you are right, because I checked again, and only 10 or so domains currently are owned by the State of Kentucky. Yesterday, the number was much higher - over half - and it wasn't a matter of registrar compliance (I don't think the individual registrars had a say in the matter), ICANN was the one who handed control of the domains to the State.
That's the whole point. ICANN actually complying and handing over domains (i.e. someone else's property) to the governor of some state because they state that the domain violates state (we're not even talking a country here, we're talking a state) law is insanity.
There is really no difference between that and what you stated (Iran seizing control of all domains that promote something other than Islam), or China seizing control of all domains that promote free speech or democracy.
How this actually happened (the State of Kentucky obtaining ownership of domains) boggles the mind. It's not the judge that belongs in the loony bin, it's ICANN.
Blech. Bad formatting/sentence structure. Let me try that again, without HTML formatting.
> Just out of curiosity, what's it going to take to get to kernel version 3.0? Honestly, what changes, additions, etc have to be incorporated until they call it Kernel 3.0?
An ABI change.
The main argument against the numbering of the 2.6 kernel as 3.0 as I understand it was that, while the change from major version 1 (1.x) to major version 2 (2.x) of the Linux kernel involved a change in the ABI (Linux 1.x used A.OUT binaries, 2.x uses ELF binaries), the transition between 2.4 and 2.6 did not.
Since 2.4.x and the new kernel version were binary-compatible, they decided not to name it 3.x despite the major architectural changes and improvements that had been made.
> Just out of curiosity, what's it going to take to get to kernel version 3.0? Honestly, what changes, additions, etc have to be incorporated until they call it Kernel 3.0?
An ABI change.
The main argument against the numbering of the 2.6 kernel as 3.0 as I understand it was that, while the change from major version 1 (1.x) to major version 2 (2.x) of the Linux kernel involved a change in the ABI (Linux 1.x used A.OUT binaries, 2.x uses ELF binaries). Since 2.4.x and the new kernel version were binary-compatible, they decided not to name it 3.x despite the major architectural changes and improvements that had been made.
As someone who actually uses Gentoo Linux in an enterprise environment, I agree with you on the compile demands - it doesn't make sense to compile the same software with the exact same optimizations and compile settings on a bunch of machines.
When we first started using Gentoo, we had two build machines - one for pentium3-specific packages (.tbz2s) and one for pentium4 package building. All packages were built and tested on these two servers, and we used rsync to copy the contents of/usr/portage/packages to a machine before updating or installing said package with the binaries from the build server.
Gentoo has improved on this front, though. Nowadays, we simply make use of the PORTAGE_BINHOST directive in/etc/make.conf to specify a HTTP server from which to pull packages, and simply use emerge -GK on the Gentoo boxen to update or install packages.
Look for the commented entry for "PORTAGE_BINHOST" in your make.conf or make.conf.example file - it's just the thing for managing multiple machines from a common source of packages - all you need to do is point a webserver at the/usr/portage/packages/All directory and use that URL as the source for binary packages.
Slashdot Mirror
As many have pointed out, there's no real point to "exploiting" a machine that you already have full (root) access to - with one exception: virtual servers.
The whole 'danger' of this exploit is that it enables a virtual server's "privileged" "root" user to gain hypervisor access, which is equivalent to taking over the entire physical machine and any/all other virtual servers hosted on said machine.
If you don't run a virtual server farm, this exploit means absolutely nothing to you. If you do, it's a very easy, scary way whereby any of your "clients" can take over your physical machines and access all of the other virtual servers hosted on the same piece of hardware.
I think you are right, because I checked again, and only 10 or so domains currently are owned by the State of Kentucky. Yesterday, the number was much higher - over half - and it wasn't a matter of registrar compliance (I don't think the individual registrars had a say in the matter), ICANN was the one who handed control of the domains to the State.
Here you go, sir, the court order.
That's the whole point. ICANN actually complying and handing over domains (i.e. someone else's property) to the governor of some state because they state that the domain violates state (we're not even talking a country here, we're talking a state) law is insanity.
There is really no difference between that and what you stated (Iran seizing control of all domains that promote something other than Islam), or China seizing control of all domains that promote free speech or democracy.
How this actually happened (the State of Kentucky obtaining ownership of domains) boggles the mind. It's not the judge that belongs in the loony bin, it's ICANN.
Domain Name: GOLDENCASINO.COM
Registrant:
Commonwealth of Kentucky
Michael Brown (secretaryofjustice@ky.gov)
125 Holmes Street
Frankfort
Kentucky,40601
US
Tel. +1.8592557080
Creation Date: 27-Oct-1997
Expiration Date: 19-Nov-2010
Many of them appear to be changed to me. Some from the list aren't, but a lot of them are.
Blech. Bad formatting/sentence structure. Let me try that again, without HTML formatting.
> Just out of curiosity, what's it going to take to get to kernel version 3.0? Honestly, what changes, additions, etc have to be incorporated until they call it Kernel 3.0?
An ABI change.
The main argument against the numbering of the 2.6 kernel as 3.0 as I understand it was that, while the change from major version 1 (1.x) to major version 2 (2.x) of the Linux kernel involved a change in the ABI (Linux 1.x used A.OUT binaries, 2.x uses ELF binaries), the transition between 2.4 and 2.6 did not.
Since 2.4.x and the new kernel version were binary-compatible, they decided not to name it 3.x despite the major architectural changes and improvements that had been made.
> Just out of curiosity, what's it going to take to get to kernel version 3.0? Honestly, what changes, additions, etc have to be incorporated until they call it Kernel 3.0? An ABI change. The main argument against the numbering of the 2.6 kernel as 3.0 as I understand it was that, while the change from major version 1 (1.x) to major version 2 (2.x) of the Linux kernel involved a change in the ABI (Linux 1.x used A.OUT binaries, 2.x uses ELF binaries). Since 2.4.x and the new kernel version were binary-compatible, they decided not to name it 3.x despite the major architectural changes and improvements that had been made.
As someone who actually uses Gentoo Linux in an enterprise environment, I agree with you on the compile demands - it doesn't make sense to compile the same software with the exact same optimizations and compile settings on a bunch of machines.
/usr/portage/packages to a machine before updating or installing said package with the binaries from the build server.
/etc/make.conf to specify a HTTP server from which to pull packages, and simply use emerge -GK on the Gentoo boxen to update or install packages.
/usr/portage/packages/All directory and use that URL as the source for binary packages.
When we first started using Gentoo, we had two build machines - one for pentium3-specific packages (.tbz2s) and one for pentium4 package building. All packages were built and tested on these two servers, and we used rsync to copy the contents of
Gentoo has improved on this front, though. Nowadays, we simply make use of the PORTAGE_BINHOST directive in
Look for the commented entry for "PORTAGE_BINHOST" in your make.conf or make.conf.example file - it's just the thing for managing multiple machines from a common source of packages - all you need to do is point a webserver at the