From owner-freebsd-stable Thu Dec 26 21:18:43 2002 Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 31EF237B401; Thu, 26 Dec 2002 21:18:41 -0800 (PST) Received: from mail.microbsd.net (mail.microbsd.net [4.38.106.40]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8B78A43EA9; Thu, 26 Dec 2002 21:18:30 -0800 (PST) (envelope-from kerberus@microbsd.net) Received: from armada.microbsd.net (GNR-CAP-117.WYOMING.COM [216.67.137.133]) by mail.microbsd.net (Postfix) with ESMTP id 986EF6A1B; Fri, 27 Dec 2002 00:29:27 -0500 (EST) Content-Type: text/plain; charset="iso-8859-1" From: Kerberus Organization: MicroBSD To: Colin Percival Subject: Re: Binary security updates Date: Fri, 27 Dec 2002 00:15:49 -0500 User-Agent: KMail/1.4.3 Cc: freebsd-binup@FreeBSD.ORG, References: <5.0.2.1.1.20021225125238.037cd840@popserver.sfu.ca> <5.0.2.1.1.20021227001044.01c0fa40@popserver.sfu.ca> In-Reply-To: <5.0.2.1.1.20021227001044.01c0fa40@popserver.sfu.ca> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Message-Id: <200212270015.49683.kerberus@microbsd.net> Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG We will let you know tomorrow what we find on MicroBSD/OpenBSD, heck we m= ight=20 even try to tackle NetBSD : P On Thursday 26 December 2002 19:19, Colin Percival wrote: > At 19:08 26/12/2002 -0500, Adrian Filipi-Martin wrote: > >On Wed, 25 Dec 2002, Colin Percival wrote: > > > I've put together a basic binary updates tool aimed at people wh= o > > > want to track a security branch without keeping a source tree and > > > recompiling. I have tested this code to the best of my ability -- = but > > > since I only have one FreeBSD box (and it's on the other side of th= e > > > world), that ability is rather limited. > > > > How do you deal with .a-files? They may be identical excepti= ng > > for their table of contents and md5's don't look into the archive. > > Assuming that the component object files are the same, .a files will= be > identical apart from the timestamps. There happens to be a timestamp f= or > each object file, which (especially for libc) means an awful lot of > timestamps; but my code happily finds all of them the same way as it de= al > with other timestamps. > Files which do not contain any stamps are compared on the basis of t= heir > MD5 hashes; "polymorphic" files (those which contain stamps) are unstam= ped > and then compared. > > > Also did you run into anything with respect to other > >archive/library file types? > > Gzipped files need to be ungzipped before looking for / removing sta= mps, > but those are the only files in the FreeBSD world which I needed to dea= l > with specially; I can't say if other worlds would be so easily dealt wi= th. > I've been contacted by someone who is testing my code on OpenBSD and > MicroBSD, but I haven't heard any results. > > Colin Percival > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-binup" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message