From owner-freebsd-stable  Thu Dec 26 16: 9: 0 2002
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id E5A3E37B401; Thu, 26 Dec 2002 16:08:58 -0800 (PST)
Received: from mail.ubergeeks.com (lorax.ubergeeks.com [209.145.65.55])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 1857743EDC; Thu, 26 Dec 2002 16:08:58 -0800 (PST)
	(envelope-from adrian+freebsd-binup@ubergeeks.com)
Received: from mail.ubergeeks.com (localhost [127.0.0.1])
	by mail.ubergeeks.com (8.12.5/8.12.5) with ESMTP id gBR08kIP068842;
	Thu, 26 Dec 2002 19:08:47 -0500 (EST)
	(envelope-from adrian+freebsd-binup@ubergeeks.com)
Received: from localhost (adrian@localhost)
	by mail.ubergeeks.com (8.12.5/8.12.5/Submit) with ESMTP id gBR08kb3068839;
	Thu, 26 Dec 2002 19:08:46 -0500 (EST)
	(envelope-from adrian+freebsd-binup@ubergeeks.com)
X-Authentication-Warning: lorax.ubergeeks.com: adrian owned process doing -bs
Date: Thu, 26 Dec 2002 19:08:46 -0500 (EST)
From: Adrian Filipi-Martin <adrian+freebsd-binup@ubergeeks.com>
To: Colin Percival <colin.percival@wadham.ox.ac.uk>
Cc: freebsd-binup@FreeBSD.ORG, <freebsd-stable@FreeBSD.ORG>
Subject: Re: Binary security updates
In-Reply-To: <5.0.2.1.1.20021225125238.037cd840@popserver.sfu.ca>
Message-ID: <20021226190441.D68788-100000@lorax.ubergeeks.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-stable.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-stable>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-stable>
X-Loop: FreeBSD.ORG

On Wed, 25 Dec 2002, Colin Percival wrote:

>    I've put together a basic binary updates tool aimed at people who want
> to track a security branch without keeping a source tree and
> recompiling.  I have tested this code to the best of my ability -- but
> since I only have one FreeBSD box (and it's on the other side of the
> world), that ability is rather limited.

	Interesting.  I'm looking it over and perhaps you could answer one
question for me quickly.

	How do you deal with .a-files?  They may be identical excepting for
their table of contents and md5's don't look into the archive.

	Also did you run into anything with respect to other
archive/library file types?

	We built our own binary patch system for our appliances, but it's a
bit specific to our appliance's needs.  We were able to make certain
simplifying statements such as no appliance includes compilation tools or
libraries, so the .a-file problem went away.

	Adrian
--
[ adrian@ubergeeks.com ]


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message