From owner-freebsd-security  Sat Dec  2 10:15:05 1995
Return-Path: owner-security
Received: (from root@localhost)
          by freefall.freebsd.org (8.6.12/8.6.6) id KAA20825
          for security-outgoing; Sat, 2 Dec 1995 10:15:05 -0800
Received: from fledge.watson.org (root@FLEDGE.RES.CMU.EDU [128.2.95.74])
          by freefall.freebsd.org (8.6.12/8.6.6) with ESMTP id KAA20805
          for <security@FreeBSD.ORG>; Sat, 2 Dec 1995 10:14:59 -0800
Received: (from robert@localhost) by fledge.watson.org (8.6.12/8.6.10) id NAA17943; Sat, 2 Dec 1995 13:14:43 -0500
Date: Sat, 2 Dec 1995 13:14:42 -0500 (EST)
From: Robert Watson <robert@fledge.watson.org>
To: "Jordan K. Hubbard" <jkh@time.cdrom.com>
cc: Michael Smith <msmith@atrad.adelaide.edu.au>,
        Robert Du Gaue <rdugaue@calweb.com>, security@FreeBSD.ORG
Subject: Re: ****HELP***** 
In-Reply-To: <322.817897922@time.cdrom.com>
Message-ID: <Pine.BSF.3.91.951202131254.17800D-100000@fledge.watson.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-security@FreeBSD.ORG
Precedence: bulk


Actually, what might be nice is to include the MD5's with the system, and 
have a script in daily.local that verifies that the key system binaries 
are correct.  Obviously then the md5 file would be at risk, but..  This 
would also be nice, unrelated to the daily part, after an upgrade to 
check if there are any old binaries lying around.

Actually, one thing I was going to ask about was -- is there a difference 
between the 2.1.0 binaries for standard executables (eg., pine) and the 
2.0.5 ones?  Is there anyway I can use strings (or something) to get a 
list of all the old binaries on my system and upgrade them if needed?

On Sat, 2 Dec 1995, Jordan K. Hubbard wrote:

> > Jordan; how hard would it be to generate a file with the md5's of a stock
> > release system's "standard binaries" for this sort of thing?
> 
> Probably not too hard.  Let me think about it.  You'd want a file
> for each distrib, probably.
> 
> 					Jordan