Date: Tue, 9 Apr 2002 08:15:14 -0700 (PDT) From: X Philius <xphilius@yahoo.com> To: freebsd-security@FreeBSD.ORG Subject: Verifying that a security patch has done it's thing... Message-ID: <20020409151514.54994.qmail@web11808.mail.yahoo.com>
next in thread | raw e-mail | index | archive | help
Security Folks, Background: I'm running 4.4 Release, which I built from source. I am pretty new to this whole concept, but comfortable enough in the CLI environment. I haven't ever written a scrap of C, but I can follow directions and run "make" like a champ ;-) I am just running a web server, with nothing too private on the entire box. My goal is to make the minimal changes to my system between major upgrades, so I am going to run the suggested patches from the security notices as needed between now and 5.0 release. Questions: I just ran the patch to fix the OpenSSH issue from "Security Advisory FreeBSD-SA-02:13.openssh " on my development server. 1. How do I verify that the patch did what it was supposed to do? My understanding is that this will not update the version flag of OpenSSH, and so other than making sure that the patch and install etc run without error, how do I make sure everything is cool? 2. The security notice did not really say what I needed to do to make sure that the new version of sshd was loaded in to memory after the install. On my dev machine I just rebooted (the brute force method!) I'd rather not do the same on my prod machine. Can I run a "kill -1" on the process while logged in via SSH? My instincts tell me that would log me out. Do I need to be local on the machine and run a "kill -1", or do I have to actually stop sshd entirely and then restart it to load the new binary? Truth to tell, I can reboot my prod machine as well, but I am practicing for a day when my server is co-lo'ed elsewhere and not available for local log ins! Thanks in advance! Jason __________________________________________________ Do You Yahoo!? Yahoo! Tax Center - online filing with TurboTax http://taxes.yahoo.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020409151514.54994.qmail>