Re: information
- Original Message -
From:
To: <[EMAIL PROTECTED]>
Sent: Sunday, March 07, 2004 7:57 AM
Subject: information

> what does it mean?
> Keep your wormy messages!
Re: Information in DSAs on necessary restarts due to library-security-updates
On Wed, Apr 30, 2003 at 08:23:34AM +0200, Markus Amersdorfer wrote:
> On Sat, 26 Apr 2003 16:30:23 +0200
> Javier Fernández-Sanguino Peña <[EMAIL PROTECTED]> wrote:
>
> Hi!
> (...)
> Nevertheless, I actually wanted to propose including information about
> the overall situation into the security advisories for libraries,
> something like:
(..)

I will add this to the "Securing Debian Manual".

> Currently, most people believe "update && upgrade" is enough and don't
> do anything else. This simple hint in the DSA could save people from a
> _lot_ of troubles.

Yes. Agreed.

>
> Does the Debian-Security-Team read this list? (If so, please
> respond :) ...)
> How to contact the security-team (without writing a mail to one of them
> directly)?

[EMAIL PROTECTED] is the proper address.

Regards

Javi
Re: Information in DSAs on necessary restarts due to library-security-updates
On Sat, 26 Apr 2003 16:30:23 +0200
Javier Fernández-Sanguino Peña <[EMAIL PROTECTED]> wrote:

Hi!

> > lsof +L1 prints every unlinked open file:
> (..)
>
> you can use a check from the Tiger security tool to do
> just this, it's called 'check_finddeleted' and will point you to the
> processes (normal ones and daemons) that are using deleted files:
[...]

Thanks both for your information.
(I've just installed the cron-job "lsof +L1 | grep dpkg-new$" reminding
the admin - currently me - of processes using an old library.)

Nevertheless, I actually wanted to propose including information about
the overall situation into the security advisories for libraries,
something like:

"Mind: Active Programs and services using this package's libraries will
NOT be restarted automatically and thus be vulnerable until you take
care of restarting them yourself! Check out [1,2] on how to find such
processes.
[1] `lsof +L1 | grep dpkg-new$`
[2] http://savannah.nongnu.org/cgi-bin/viewcvs/tiger/tiger/scripts/check_finddeleted+?rev=1.1&content-type=text/vnd.viewcvs-markup"

Currently, most people believe "update && upgrade" is enough and don't
do anything else. This simple hint in the DSA could save people from a
_lot_ of troubles.

Does the Debian-Security-Team read this list? (If so, please
respond :) ...)
How to contact the security-team (without writing a mail to one of them
directly)?

Thanks 'n' Cheers,
Max

--
The first time any man's freedom is trodden on, we're all damaged.
http://homex.subnet.at/~max/
Re: Information in DSAs on necessary restarts due to library-security-updates
Thomas Krennwallner <[EMAIL PROTECTED]> writes:

>> At work, we recommend rebooting the system. Currently, it's the only
>> reliable way to replace all memory-resident libraries. 8-(
>
> lsof +L1 prints every unlinked open file:

lsof isn't always available (not installed, not matching kernel
version, etc.). Furthermore, I fear it's beyond the skills of my
target group (they will restart Apache using "apachectl restart", for
instance).
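
An added example, not part of the thread and not Tiger's check_finddeleted: where lsof is unavailable, the same information can be read from /proc/<pid>/maps. The helper name stale_lib_procs and its optional proc-root argument are hypothetical; it assumes a Linux kernel that appends " (deleted)" to unlinked mappings and, for the command name, one that provides /proc/<pid>/comm.

```shell
#!/bin/sh
# Added example: list processes that still map a deleted or replaced shared
# library, reading /proc/<pid>/maps directly so that lsof is not required.
# stale_lib_procs is a hypothetical helper; its argument defaults to /proc.
# Output: one "PID<TAB>COMMAND<TAB>LIBRARY" line per stale library per process.

stale_lib_procs() {
    proc_root=${1:-/proc}
    for maps in "$proc_root"/[0-9]*/maps; do
        [ -r "$maps" ] || continue
        dir=${maps%/maps}
        pid=${dir##*/}
        # comm is absent on old kernels and for vanished processes: use "?"
        comm=$(cat "$dir/comm" 2>/dev/null) || comm="?"
        [ -n "$comm" ] || comm="?"
        awk -v pid="$pid" -v comm="$comm" '
            # maps columns: address perms offset dev inode pathname
            $6 ~ /^\// {
                path = $6
                for (i = 7; i <= NF; i++) path = path " " $i
                stale = 0
                # the kernel marks unlinked files with a trailing " (deleted)"
                if (path ~ / \(deleted\)$/) {
                    sub(/ \(deleted\)$/, "", path)
                    stale = 1
                }
                # name seen in the lsof output quoted in this thread
                if (path ~ /\.dpkg-new$/) stale = 1
                # report shared objects only, once per process
                if (stale && path ~ /\.so(\.|$)/ && !seen[path]++)
                    printf "%s\t%s\t%s\n", pid, comm, path
            }' "$maps" 2>/dev/null || :
    done
}
```

Run `stale_lib_procs` as root after an upgrade; an unprivileged user can only read the maps of their own processes, so the list would be incomplete.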
Re: Information in DSAs on necessary restarts due to library-security-updates
On Sat, Apr 26, 2003 at 03:58:23PM +0200, Thomas Krennwallner wrote:
> Hi!
>
> On Sat Apr 26, 2003 at 03:32:26PM +0200, Florian Weimer wrote:
> > At work, we recommend rebooting the system. Currently, it's the only
> > reliable way to replace all memory-resident libraries. 8-(
>
> lsof +L1 prints every unlinked open file:
(..)

And if you don't want to try and understand lsof, as I said in
debian-devel, you can use a check from the Tiger security tool to do
just this, it's called 'check_finddeleted' and will point you to the
processes (normal ones and daemons) that are using deleted files:

http://savannah.nongnu.org/cgi-bin/viewcvs/tiger/tiger/scripts/check_finddeleted+?rev=1.1&content-type=text/vnd.viewcvs-markup

(provided from Tiger 3.2rc1 and above)

Regards

Javi

PS: It is based on an excellent article by Brian Hatch at
http://www.hackinglinuxexposed.com/articles/20020507.html
Re: Information in DSAs on necessary restarts due to library-security-updates
Hi!

On Sat Apr 26, 2003 at 03:32:26PM +0200, Florian Weimer wrote:
> At work, we recommend rebooting the system. Currently, it's the only
> reliable way to replace all memory-resident libraries. 8-(

lsof +L1 prints every unlinked open file:

# lsof +L1
COMMAND   PID USER     FD  TYPE DEVICE SIZE NLINK   NODE NAME
exim3     288 mail     mem DEL  3,3             0  96454 /usr/lib/libsasl.so.7.1.10.dpkg-new
cardmgr   389 root     1u  CHR  254,0           0  94906 /var/run/cm-389-1 (deleted)
cardmgr   389 root     2u  CHR  254,1           0  94907 /var/run/cm-389-3 (deleted)
sshd      409 root     mem DEL  3,3             0 111693 /usr/lib/i586/libcrypto.so.0.9.6.dpkg-new
ssh-agent 511 djmaecki mem DEL  3,3             0 111693 /usr/lib/i586/libcrypto.so.0.9.6.dpkg-new
wmbattery 520 djmaecki mem DEL  3,3             0  96718 /usr/lib/libapm.so.1.0.0.dpkg-new

Here I should restart exim, sshd, ssh-agent and wmbattery
(--> .dpkg-new)

so long
Thomas

--
 .''`.  Obviously we do not want to leave zombies around. - W. R. Stevens
: :'  : Thomas Krennwallner
`. `'`  1024D/67A1DA7B 9484 D99D 2E1E 4E02 5446 DAD9 FF58 4E59 67A1 DA7B
  `-    http://bigfish.ull.at/~djmaecki/
Re: Information in DSAs on necessary restarts due to library-security-updates
Markus Amersdorfer <[EMAIL PROTECTED]> writes:

> I therefore suggest putting this kind of information in any Debian
> Security Advisory for library packages (or possibly others too which
> need similar actions to be taken by the user).

At work, we recommend rebooting the system. Currently, it's the only
reliable way to replace all memory-resident libraries. 8-(