one could just dl the "current" tree this already has all updates. > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Michael Schwendt wrote: > | On Tue, 17 Dec 2002 22:28:40 -0600, Chad Skinner wrote: > | > | > |>>Don't they teach in the RHCE class that a reinstall is "not > |>>allowed" (or not an answer to an exam question)? :-) > |> > |>I don't know about the RHCE, but I personnaly don't know the MD5sums > |>or filesizes for every binary on my system. Seems common knowledge, or > |>at least a common answer on the list, that rebuilding a compromized > |>box is the safest method to ensure that all replaced binaries are > |>restored. > | > | > | In my point of view, re-installation is only recommended to those | > users who give the impression that they would fail to repair their | > system completely. For instance, because they had no errata releases | > installed at all, or because they were accessing their box via > | remote telnet, or because they were always using the "root" user, or | > because they were still running the compromised machine when posting | > to this list. > > Very good and valid points. I suppose I was coming from the POV that > "reinstall" shouldn't be a global answer from an experienced admin *to* > another experience admin. However for the newbie "root loving, > errata/up2date igorant, telnet using, chmod -R 777 /" type admin, it's > probably a good answer. Especially if they're using a stock Red Hat > 6.2/7.0 install. <shudder> > > We *cannot* stress enough, however, that once the install is completed, > you apply *all* errata ASAP before bringing your system online for > production. I save myself the step by keeping my errata in my install > tree. The moment it's released, it's copied to my install tree, (as well > as rebuilt for i686) and I rerun genhdlist for the directory. That way > the next nfs/http/ftp install I do is all up to snuff. YMMV tho. > > - -Rick > - -- > Rick Johnson, RHCE - [EMAIL PROTECTED] (from home) > Linux/WAN Administrator - Medata, Inc. > PGP Key: https://mail.medata.com/pgp/rjohnson.asc > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.2.1 (GNU/Linux) > > iD8DBQE+AJcFIgQdhlSHZgMRApTUAKCA9iHi0yGKhUs1FIygE8OByF0sCQCeNxuS > 7lj+8cr9VSt31ov86/ATRUw= > =pt8L > -----END PGP SIGNATURE----- > > > > -- > redhat-list mailing list > unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe > https://listman.redhat.com/mailman/listinfo/redhat-list
-- Jesse Jacobs, Supa' Noob :) -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list