Date: Fri, 20 Apr 2001 13:01:55 -0700
From: Brian Tiemann <briant@packeteer.com>
To: Kris Kennaway <kris@obsecurity.org>
Cc: Rob Simmons <rsimmons@wlcg.com>, Ben Vaughn <bvaughn@BlackbirdTech.com>, Chris Faulhaber <jedgar@fxp.org>, security@FreeBSD.ORG
Subject: Re: Another glob problem
Message-ID: <3AE095B3.B4A018EB@packeteer.com>
References: <20010419164947.M72854-100000@mail.wlcg.com> <3ADF7BDD.A7868DA@packeteer.com> <20010419180118.C54774@xor.obsecurity.org> <3ADF8C73.7E987982@packeteer.com> <20010419181459.B57373@xor.obsecurity.org> <3ADF8EFB.1B6EBA04@packeteer.com> <20010419183125.A57696@xor.obsecurity.org> <3ADF92DC.2B5A941D@packeteer.com> <20010419194710.A58378@xor.obsecurity.org> <3AE0780F.BAF16352@packeteer.com> <20010420124104.A75540@xor.obsecurity.org>
Kris Kennaway wrote:
> You now have a libc which was built from different sources from the
> rest of your userland. It may all work, but there's no guarantee; for
> example if a userland utility depends on a libc interface which was
> only added after 4.2-R, it will now fail. This is why I suggested
> that a buildworld is the only safe way of rebuilding, if you're
> tracking -STABLE.

Actually, no... the rest of my userland is also from 4.2-RELEASE, which is why I decided to try this solution. The way I run my systems is by maintaining a full -RELEASE install, then tracking -STABLE with nightly cvsups so I can do point installs on contrib or userland software when there are security patches. I don't do interim make worlds on production servers-- that's way too risky, IMO, and not least because of the reason you just outlined (the only way to recover on an interim system is to do another make world).

In this case, though, we had a core-level system patch (in libc), so it seemed the best way to attack it would be to go back and patch the -RELEASE sources, since the only things that have changed in my installed system since 4.2-RELEASE are security-related point fixes (ntpd, bind, sshd, that sort of thing). I think it's a sound scheme. (It's effectively the same as if I didn't do cvsups at all, and just applied security patches to -RELEASE sources.)

> > Just a curiosity point, though... would I have been able to do a make
> > buildworld, then make install only /usr/src/lib/libc? Just trying to see
> > if that would have been a viable alternative that I could recommend to
> > others...
>
> No, because your entire libc has changed (not just the glob()
> function), and other things may depend on it. You can only get away
> with doing partial installs if the relevant changes to the file are
> small, and you manually take into account all possible dependencies.

Yeah... it'll probably work the way I run things, but I'll refrain from recommending this solution to others in case they try it on a system that doesn't have all its ducks in a row (or has been interim-rebuilt).

Brian