Re: A system for rebootless kernel security updates
From: Willy Tarreau
Date: Sun Apr 27 2008 - 13:50:34 EST
On Sun, Apr 27, 2008 at 12:17:00PM +0200, Pavel Machek wrote:
> On Thu 2008-04-24 16:26:44, Tomasz Chmielewski wrote:
> > Jeff Arnold wrote:
> >
> > >I've put together an automatic system for applying
> > >kernel security patches to the Linux kernel without
> > >rebooting it, and I wanted to share this system with
> > >the community in case others find it useful or
> > >interesting.
> >
> > Hmm, the idea seem to be patented by Microsoft, i.e.
> > this patent from December 2002:
> >
> > http://www.google.com/patents?id=cVyWAAAAEBAJ&dq=hotpatching
> >
> > (and other patents by Microsoft if you search for
> > "hotpatching").
>
> ...so US will not be able to fix security holes without reboot, good.
> Perhaps they fix their stupid laws after next worm outbreak...
Sounds like a bullshit patent. I remember having loaded a lot of NLM
patches under netware 4.0 in 96-97 without ever rebooting. I think
that the patches only redefined the faulty symbol(s) they wanted to
patch. That was pretty convenient because when in doubt, you could
simply unload the modules and get back to previous situation.
> Pavel
Willy
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/