19 messages in org.freebsd.freebsd-securityRe: ****HELP***** | From | Sent On | Attachments |
|---|---|---|
| Jordan K. Hubbard | Nov 30, 1995 12:00 am | |
| Robert Du Gaue | Nov 30, 1995 12:54 am | |
| Julian H. Stacey | Nov 30, 1995 7:24 am | |
| Cy Schubert - BCSC Open Systems Group | Nov 30, 1995 7:48 am | |
| Michael Constant | Dec 1, 1995 9:33 pm | |
| Jordan K. Hubbard | Dec 2, 1995 1:51 am | |
| Robert Du Gaue | Dec 2, 1995 2:30 am | |
| Ollivier Robert | Dec 2, 1995 3:32 am | |
| Bruce Evans | Dec 2, 1995 4:32 am | |
| Robert Watson | Dec 2, 1995 10:14 am | |
| Michael Smith | Dec 2, 1995 11:09 am | |
| Michael Smith | Dec 2, 1995 12:37 pm | |
| Robert Watson | Dec 2, 1995 12:56 pm | |
| Jordan K. Hubbard | Dec 2, 1995 1:59 pm | |
| John Goerzen | Dec 2, 1995 8:11 pm | |
| Jordan K. Hubbard | Dec 3, 1995 12:48 am | |
| John Goerzen | Dec 3, 1995 11:45 pm | |
| Garrett A. Wollman | Dec 4, 1995 7:12 am | |
| Brown, James F. | Dec 5, 1995 12:40 pm |  .dat |
| Subject: | Re: ****HELP***** | |
|---|---|---|
| From: | John Goerzen (jgoe...@complete.org) | |
| Date: | Dec 2, 1995 8:11:46 pm | |
| List: | org.freebsd.freebsd-security | |
Unfortunately, only the easiest files to configure are setup by the novice config option. Things such as UUCP, sendmail, INN, etc -- the programs that can take hours or days to properly configure -- are not handled by the novice config.
It would be better if the installer would just: 1) Overwrite older versions of programs with the newer versions 2) Delete any obsoleted programs (and preferably make symlinks to the newer ones) 3) Add new files to existing system
John Goerzen, programmer and owner | MICRO$oft only exists because some Communications Centre & Complete BBS | people are too dumb to get something E-mail jgoe...@complete.org | better, such as FreeBSD.
On Sat, 2 Dec 1995, Jordan K. Hubbard wrote:
I plan on rebuilding a new system from scratch, then I'll wipe all the bin directories clena on the compromised systems and use the rebuilt system to update all the bins. Which should I do?
Erm. In this instance, you might be better off simply backing up the files you want to *keep* and then reinstalling the entire system from the 2.1 distribution. 2.1's installer isn't bad, and it's possible to get back a lot of the configuration data just through answering questions in the novice install.
Jordan
/bin /sbin /usr/sbin /usr/bin Where else? I know there are alot I'm missing...
On Sat, 2 Dec 1995, Robert Watson wrote:
Date: Sat, 2 Dec 1995 13:14:42 -0500 (EST) From: Robert Watson <rob...@fledge.watson.org> To: "Jordan K. Hubbard" <jk...@time.cdrom.com> Cc: Michael Smith <msm...@atrad.adelaide.edu.au>, Robert Du Gaue <rdug...@calweb.com>, secu...@FreeBSD.ORG Subject: Re: ****HELP*****
Actually, what might be nice is to include the MD5's with the system, and have a script in daily.local that verifies that the key system binaries are correct. Obviously then the md5 file would be at risk, but.. This would also be nice, unrelated to the daily part, after an upgrade to check if there are any old binaries lying around.
Actually, one thing I was going to ask about was -- is there a difference between the 2.1.0 binaries for standard executables (eg., pine) and the 2.0.5 ones? Is there anyway I can use strings (or something) to get a list of all the old binaries on my system and upgrade them if needed?
On Sat, 2 Dec 1995, Jordan K. Hubbard wrote:
Jordan; how hard would it be to generate a file with the md5's of a sto ck release system's "standard binaries" for this sort of thing?
Probably not too hard. Let me think about it. You'd want a file for each distrib, probably.
Jordan