Date: Wed, 6 Aug 2003 14:34:28 -0500 From: <freebsd@critesclan.com> To: <freebsd-security@freebsd.org> Subject: RE: statically compiled files left over after a 'make world' Message-ID: <HCEOIHDIFOIIAGKAGBCHEENICMAA.freebsd@critesclan.com> In-Reply-To: <Pine.SOL.3.91.1030806130146.12164B-100000@travelers.mail.cornell.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
I'm not sure that answered his question. I believe the issue is that there are os programs that are not compiled/recompiled during a make world, and so what does that mean. Does it mean they are no longer needed and can be safely removed? I'm thinking that is not the case. I have a single script that does a CVSup (tag=.), then does a buildworld and installworld, then does a buildkernel and installkernel, then reboots the system. In theory, everything on my system should be completely rebuilt after this process (which starts every Saturday evening at 10pm). When I check on Monday morning, I see the kernel is compiled the past weekend, etc, so I'm a happy guy. When I got this message, I did a check, and I found that 3 mount_XXX files have not been changed since my initial installation date, and that a whole slew of items in /stand have various other dates. I can deal with the help files having their original date, but the programs are still based upon my initial install date. I'm not sure if there is a "deal" to be made over this, but the question still remains. What do you do with those programs that have not been rebuilt in a buildworld? Are they security risks? Are they simply things missed in the make, and someone needs to add them in? The impression I have is that anything not rebuilt after the above process is an error condition that should be addressed. Am I wrong? Lee -----Original Message----- From: owner-freebsd-security@freebsd.org [mailto:owner-freebsd-security@freebsd.org]On Behalf Of bks10@cornell.edu Sent: Wednesday, 06 August 2003 12:03 To: Brian Kraemer Cc: freebsd-security@freebsd.org Subject: Re: statically compiled files left over after a 'make world' If you track 4-STABLE you have nothing to worry about anyway. The bug did not affect 4-STABLE, only 4.8, 4.7, etc... Peace. On Wed, 6 Aug 2003, Brian Kraemer wrote: > Hello, > > I recently did a 'make world' to update my base system due to the realpath > bug. After that finished, I noticed that I still had the following > statically compiled binaries laying around that did not get updated during > a 'make world'. I track 4-STABLE. > > /usr/bin/miniperl > /sbin/mount_kernfs > /sbin/mount_devfs > /sbin/modunload > /sbin/modload > /sbin/ft > /stand/boot_crunch > /stand/find > /stand/sed > /stand/test > /stand/pwd > /stand/ppp > /stand/newfs > /stand/minigzip > /stand/cpio > /stand/bad144 > /stand/fsck > /stand/ifconfig > /stand/route > /stand/slattach > /stand/mount_nfs > /stand/dhclient > /stand/arp > /stand/gzip > /stand/gunzip > /stand/zcat > /stand/-sh > /stand/[ > /stand/sh > > Since they were not updated during a 'make world', does that mean that > they are deprecated and can be safely removed? > > If not, why weren't they updated during a 'make world'? Is it a security > risk having them stick around since they haven't been re-linked against the > new libc? > > Thanks, > > -Brian > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" > _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?HCEOIHDIFOIIAGKAGBCHEENICMAA.freebsd>