Date: Wed, 26 Jun 2002 21:21:10 -0400 (EDT) From: Robert Watson <rwatson@FreeBSD.ORG> To: Mark Hartley <mark@work.drapple.com> Cc: freebsd-security@FreeBSD.ORG Subject: Re: FreeBSD Security Advisory FreeBSD-SA-02:28.resolv Message-ID: <Pine.NEB.3.96L.1020626211921.17483G-100000@fledge.watson.org> In-Reply-To: <XFMail.020626181430.mark@work.drapple.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 26 Jun 2002, Mark Hartley wrote: > I figured the reboot of the whole system I did (after going through the > whole build and install of kernel & world), should have taken care of > making sure any dynamically linked stuff is using the new & improved > libc. > > So far I've only found a few apps that didn't get rebuilt that appear to > be statically linked, and most of them are Kerberos tools (not sure why > they weren't rebuilt with world), but I don't use Kerberos or run any > Kerberos services. So far, it appears that a cvsup and rebuild of world > is all that I'm going to need to do. If you ended up with Kerberos installed somehow, it was probably an accidental flip of a switch in sysinstall. I make a habit of walking {/bin,/sbin,/usr/bin,/usr/sbin,/usr/libexec} after each installworld and trimming old and unused binaries. Especially for things like UUCP in -CURRENT, where the software presents some risk, and isn't going to get automatically garbage collected by the install process. I'd go through and check all the file modification dates in your binary directories and trim things you know you don't need just to reduce the chances of something slipping through the cracks. (Watch out not to delete old symlinks -- unlike binaries, their timestamps aren't updated during the install if they are still needed). Robert N M Watson FreeBSD Core Team, TrustedBSD Projects robert@fledge.watson.org Network Associates Laboratories To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1020626211921.17483G-100000>