I don't know if I'm paying more attention now or what, but it seems that the frequency of kernel releases is increasing dramatically. And now with today's advice of upgrading to 2.4.12 to close the ptrace vulnerability, my aversion to installing bleeding edge software raises it's head. It seems to me that this frequency is causing (or at least has the potential to cause) more screw ups. See the lifetime of 2.4.11 for an obvious example and the immediate release of the dangling symlink patch to 2.4.12 as another apropos example. So how do I decide what to do? I want to keep my systems as secure as possible, but I also want to make sure I'm not causing greater usability issues by putting out something that's not ready for prime time. I see very little explanation or industry advice on the seriousness of vulnerabilities, only a recommendation to upgrade as soon as possible. So I ask myself, "What if I choose to NOT upgrade? What risk am I taking?" In the post-Sept 11 age, it seems that security analysts/advisors, software developers and even distribution maintainers (how many of you upgrade your kernels in some sort of automated fashion - apt-get, mandrakeUpdate, red-carpet, etc?) are playing on fear to get their stuff implemented. I'm getting frustrated that the activity driving the 2.4.x (STABLE) kernel doesn't feel like its under control as in the 2.2.x (STABLE) kernel. At this point I'm considering downgrading to 2.2.19 and applying patches, just so I can get control of what's happening on my systems again. -swf -- "Don't pray when it rains if you don't pray when the sunshines." - Satchel Paige