On Tue, 2005-11-29 at 14:13 +0800, John Summerfied wrote:
If there's a kernel update fixing a security problem only
exploitable
with local access, and I control the only account with local access,
then I don't need it.
Are you sure? If there's a bug in httpd that allows an attacker to run
code as user apache, then the kernel bug may become quite useful to get
root.
Why run with a known vulnerability, just because one isn't smart enough
to think of an attack vector? Defense in depth...
Cheers
Steffen.