[Gllug] Debian / Ubuntu SSL vulnerability
John Winters
john at sinodun.org.uk
Wed May 14 11:10:08 UTC 2008
- Tethys wrote:
> On Wed, May 14, 2008 at 10:57 AM, John Winters <john at sinodun.org.uk> wrote:
>
>
>> Looking at the Ubuntu notifications it seems that they have already done
>> much the same. Although a worthy catch-all, the problem I see with this
>> is that if you have a headless or remote box then applying the update
>> could easily lock you out of it entirely.
>
> If you have a headless remote box without a serial console, then I'd
> say you *deserve* to be locked out. Harsh, perhaps, but surely if
> you're building a system like that, you plan for all eventualities?
I'm thinking of things like my Thecus 2100, which doesn't have a serial
port unless you get your soldering iron out.
Simpler of course to open it up and remove the HDD, but still irritating.
John
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list