Date: Fri, 27 Dec 2002 00:15:49 -0500 From: Kerberus <kerberus@microbsd.net> To: Colin Percival <colin.percival@wadham.ox.ac.uk> Cc: freebsd-binup@FreeBSD.ORG, <freebsd-stable@FreeBSD.ORG> Subject: Re: Binary security updates Message-ID: <200212270015.49683.kerberus@microbsd.net> In-Reply-To: <5.0.2.1.1.20021227001044.01c0fa40@popserver.sfu.ca> References: <5.0.2.1.1.20021225125238.037cd840@popserver.sfu.ca> <5.0.2.1.1.20021227001044.01c0fa40@popserver.sfu.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
We will let you know tomorrow what we find on MicroBSD/OpenBSD, heck we m= ight=20 even try to tackle NetBSD : P On Thursday 26 December 2002 19:19, Colin Percival wrote: > At 19:08 26/12/2002 -0500, Adrian Filipi-Martin wrote: > >On Wed, 25 Dec 2002, Colin Percival wrote: > > > I've put together a basic binary updates tool aimed at people wh= o > > > want to track a security branch without keeping a source tree and > > > recompiling. I have tested this code to the best of my ability -- = but > > > since I only have one FreeBSD box (and it's on the other side of th= e > > > world), that ability is rather limited. > > > > How do you deal with .a-files? They may be identical excepti= ng > > for their table of contents and md5's don't look into the archive. > > Assuming that the component object files are the same, .a files will= be > identical apart from the timestamps. There happens to be a timestamp f= or > each object file, which (especially for libc) means an awful lot of > timestamps; but my code happily finds all of them the same way as it de= al > with other timestamps. > Files which do not contain any stamps are compared on the basis of t= heir > MD5 hashes; "polymorphic" files (those which contain stamps) are unstam= ped > and then compared. > > > Also did you run into anything with respect to other > >archive/library file types? > > Gzipped files need to be ungzipped before looking for / removing sta= mps, > but those are the only files in the FreeBSD world which I needed to dea= l > with specially; I can't say if other worlds would be so easily dealt wi= th. > I've been contacted by someone who is testing my code on OpenBSD and > MicroBSD, but I haven't heard any results. > > Colin Percival > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-binup" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200212270015.49683.kerberus>