From owner-freebsd-security@FreeBSD.ORG  Mon Aug  4 02:36:20 2003
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id D844F37B401
	for <security@freebsd.org>; Mon,  4 Aug 2003 02:36:20 -0700 (PDT)
Received: from pd6mo3so.prod.shaw.ca (shawidc-mo1.cg.shawcable.net
	[24.71.223.10])	by mx1.FreeBSD.org (Postfix) with ESMTP id 301B743F75
	for <security@freebsd.org>; Mon,  4 Aug 2003 02:36:20 -0700 (PDT)
	(envelope-from colin.percival@wadham.ox.ac.uk)
Received: from pd3mr3so.prod.shaw.ca (pd3mr3so-ser.prod.shaw.ca
	[10.0.141.179])2003))
	with ESMTP id <0HJ300JOF8OG2Z@l-daemon> for security@freebsd.org;
	Mon, 04 Aug 2003 03:21:52 -0600 (MDT)
Received: from pn2ml8so.prod.shaw.ca
 (pn2ml8so-qfe0.prod.shaw.ca [10.0.121.152]) by l-daemon
 (iPlanet Messaging Server 5.2 HotFix 1.16 (built May 14 2003))
 with ESMTP id <0HJ300E578OGKS@l-daemon> for security@freebsd.org; Mon,
 04 Aug 2003 03:21:52 -0600 (MDT)
Received: from piii600.wadham.ox.ac.uk
 (h24-87-233-42.vc.shawcable.net [24.87.233.42])
 by l-daemon (iPlanet Messaging Server 5.2 HotFix 1.16 (built May 14 2003))
 with ESMTP id <0HJ300L4Z8OF9U@l-daemon> for security@freebsd.org; Mon,
 04 Aug 2003 03:21:52 -0600 (MDT)
Date: Mon, 04 Aug 2003 02:21:39 -0700
From: Colin Percival <colin.percival@wadham.ox.ac.uk>
X-Sender: cperciva@popserver.sfu.ca
To: Chris Howells <lists@chrishowells.co.uk>, security@freebsd.org
Message-id: <5.0.2.1.1.20030804021904.02c64f10@popserver.sfu.ca>
MIME-version: 1.0
X-Mailer: QUALCOMM Windows Eudora Version 5.0.2
Content-type: text/plain; charset=us-ascii; format=flowed
Content-transfer-encoding: 7BIT
Subject: Re: FreeBSD Security Advisory FreeBSD-SA-03:08.realpath
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Security issues [members-only posting]
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 04 Aug 2003 09:36:21 -0000

[My keyboard got stuck with the control key down, so I think a partially 
written copy of this got sent a moment ago; please disregard it.]

At 10:10 04/08/2003 +0100, Chris Howells wrote:
>On Monday 04 August 2003 08:54, Colin Percival wrote:
> >    Affected applications which were statically linked to the vulnerable
> > code would still need to be recompiled.
>
>I'm just trying to work out which applications on my system are statically
>linked or not.

   I'm sure someone else can offer better suggestions, but I'm just doing 
the following:
$ sh -c 'find / -type f -perm +111 | while read x; do file $x; done | grep 
"statically linked" | cut -f 1 -d ":"'

Colin Percival