[Grml-devel] About the new grml direction

Marc Haber mh+grml-devel at zugschlus.de
Mon Jan 2 13:49:46 CET 2012


On Mon, Jan 02, 2012 at 01:38:00PM +0100, Christian Hofstaedtler wrote:
> I thought this was about having an arch-specific Grml ISO in /boot
> for rescue purposes.

Indeed. That does not mean that the rescue system is allowed to have
ancient security bugs, since it is likely to be exposed to the
internet without filters if it is eventually started and needed.

> Where about the only things that matter are kernel and ssh. Both have
> been unpatched for the time since the last release anyway, which was up
> to 6+ months, depending on the release, and how often you update
> your ISOs.

An ISO update could be done if a security relevant issue becomes
public if a later ISO is available.

For grml-small, this is not the case any more, leaving a system using
grml-small 2010.05 in 2014 open to all vulnerabilities that have
become public in the mean time.

> Installing linux-image-3.1.0-1-amd64-dbg did not change the size of
> /boot for me.

Interesting. When I install a kernel with debug info, vmlinuz size
grows from like 2 MB to over a hundred.

Don't get me wrong: You took a valid decision which the community
needs to accept. The community is not required to like your decision.
I am one of the people not liking the decision, but I'm going to (have
to) accept it anyway. That's ok, and given the lack of alternatives,
I'm most probably going to stay with grml anyway. I am only going to
do a lot of cursing in the next months whenever the new iso size bites
me (which it will). But I'm going to get used to it.

Greetings
Marc

-- 
-----------------------------------------------------------------------------
Marc Haber         | "I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany  |  lose things."    Winona Ryder | Fon: *49 621 31958061
Nordisch by Nature |  How to make an American Quilt | Fax: *49 621 31958062


More information about the Grml-devel mailing list