Date: Wed, 15 Nov 2000 13:12:26 -0800 From: Kris Kennaway <kris@FreeBSD.ORG> To: Kris Kennaway <kris@FreeBSD.ORG> Cc: Rossen Raykov <rraykov@sageian.com>, security@FreeBSD.ORG Subject: Re: problem using sysinstall Message-ID: <20001115131226.A21677@citusc17.usc.edu> In-Reply-To: <20001115125148.A21232@citusc17.usc.edu>; from kris@FreeBSD.ORG on Wed, Nov 15, 2000 at 12:51:48PM -0800 References: <bulk.92485.20001115010132@hub.freebsd.org> <003f01c04f3e$3c77e170$4c00000a@sage> <20001115125148.A21232@citusc17.usc.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
--IJpNTDwzlM2Ie8A6 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Nov 15, 2000 at 12:51:48PM -0800, Kris Kennaway wrote: > On Wed, Nov 15, 2000 at 02:57:08PM -0500, Rossen Raykov wrote: >=20 > > My question is : is it normal to achieve such a results after this acti= on? > > Is the sysinstall behavior correct? Why there ware no warnings about ch= anges > > in /etc/passwd? > > Is it normal the behavior on toor alias? >=20 > Installing the bin distribution overwrites /etc (along with > overwriting all other parts of the base system, like you asked it to). >=20 > Live remote upgrades of a running system like this are dangerous for > that reason. I did think sysinstall prompted for a root password, > though. Even so, since you're installing on a multi-user system with I overlooked the fact that your ssh connection was disconnected before the upgrade finished - I assume this explains why you weren't prompted, since systinstall was terminated when you disconnected. However my previous note about the race condition still stands. There's not much which can be done about this - basically, you should be only doing OS upgrade work on a single-user box via the console or serial console. Kris P.S. Why are you allowing remote root logins, anyway? --IJpNTDwzlM2Ie8A6 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjoS/DoACgkQWry0BWjoQKUt/QCfVKweHoN8kMPR/CpxWALRpKP2 HHgAoOXaD467O0woTVkMgq5iAOOBG+nJ =18jm -----END PGP SIGNATURE----- --IJpNTDwzlM2Ie8A6-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001115131226.A21677>