Date: Sat, 2 Dec 1995 22:12:05 -0600 (CST) From: John Goerzen <jgoerzen@complete.org> To: "Jordan K. Hubbard" <jkh@time.cdrom.com> Cc: Robert Du Gaue <rdugaue@calweb.com>, Robert Watson <robert@fledge.watson.org>, Michael Smith <msmith@atrad.adelaide.edu.au>, security@freebsd.org Subject: Re: ****HELP***** Message-ID: <Pine.BSF.3.91.951202220941.4729E-100000@complete.org> In-Reply-To: <4271.817941603@time.cdrom.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Unfortunately, only the easiest files to configure are setup by the
novice config option. Things such as UUCP, sendmail, INN, etc -- the
programs that can take hours or days to properly configure -- are not
handled by the novice config.
It would be better if the installer would just:
1) Overwrite older versions of programs with the newer versions
2) Delete any obsoleted programs (and preferably make symlinks to the
newer ones)
3) Add new files to existing system
John Goerzen, programmer and owner | MICRO$oft only exists because some
Communications Centre & Complete BBS | people are too dumb to get something
E-mail jgoerzen@complete.org | better, such as FreeBSD.
On Sat, 2 Dec 1995, Jordan K. Hubbard wrote:
> > I plan on rebuilding a new system from scratch, then I'll wipe all the
> > bin directories clena on the compromised systems and use the rebuilt
> > system to update all the bins. Which should I do?
> >
>
> Erm. In this instance, you might be better off simply backing up the
> files you want to *keep* and then reinstalling the entire system from
> the 2.1 distribution. 2.1's installer isn't bad, and it's possible
> to get back a lot of the configuration data just through answering
> questions in the novice install.
>
> Jordan
>
>
> > /bin /sbin /usr/sbin /usr/bin Where else? I know there are alot I'm
> > missing...
> >
> >
> > On Sat, 2 Dec 1995, Robert Watson wrote:
> >
> > > Date: Sat, 2 Dec 1995 13:14:42 -0500 (EST)
> > > From: Robert Watson <robert@fledge.watson.org>
> > > To: "Jordan K. Hubbard" <jkh@time.cdrom.com>
> > > Cc: Michael Smith <msmith@atrad.adelaide.edu.au>,
> > > Robert Du Gaue <rdugaue@calweb.com>, security@FreeBSD.ORG
> > > Subject: Re: ****HELP*****
> > >
> > >
> > > Actually, what might be nice is to include the MD5's with the system, and
> > > have a script in daily.local that verifies that the key system binaries
> > > are correct. Obviously then the md5 file would be at risk, but.. This
> > > would also be nice, unrelated to the daily part, after an upgrade to
> > > check if there are any old binaries lying around.
> > >
> > > Actually, one thing I was going to ask about was -- is there a difference
> > > between the 2.1.0 binaries for standard executables (eg., pine) and the
> > > 2.0.5 ones? Is there anyway I can use strings (or something) to get a
> > > list of all the old binaries on my system and upgrade them if needed?
> > >
> > > On Sat, 2 Dec 1995, Jordan K. Hubbard wrote:
> > >
> > > > > Jordan; how hard would it be to generate a file with the md5's of a sto
> ck
> > > > > release system's "standard binaries" for this sort of thing?
> > > >
> > > > Probably not too hard. Let me think about it. You'd want a file
> > > > for each distrib, probably.
> > > >
> > > > Jordan
> > >
>
>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.91.951202220941.4729E-100000>