[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] Security Hardening Update 2.0.1 MAJOR FLAW!!!!!! ACTION REQUIRED!
- Subject: Re: [cobalt-security] Security Hardening Update 2.0.1 MAJOR FLAW!!!!!! ACTION REQUIRED!
- From: Eugene Crosser <crosser@xxxxxxxxxxx>
- Date: 16 Aug 2002 09:28:21 +0400
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
On Fri, 2002-08-16 at 03:31, Michael Stauber wrote:
> > There are some pkgs that are irrevocable, there are some people
> > on this list that also put out some irrevocable patches. "solarspeed" or
> > something like that.
>
> Quite true. For the same reason why SHP is uninstallable:
>
> Once SHP is installed it has replaced daemons like Apache, FTP, Sendmail,
> IMAP, Qpopper, Telnet and therelike. If people did really uninstall the
> package whith an uninstaller, then they'd end up without important daemons
> like Apache, Qpopper, IMAP, Telnet and therelike. The server would instantly
> be unuseable for whatever purpose.
Well, theoretically it is not impossible to save all replaced files in a
safe place (== directory unique to this package), together with
checksums of _replacing_ files. Then the uninstaller could restore the
files from backup, and do it only if they where not replaced by yet
another package in the meantime.
I am not telling this is a "must do", or even a "good idea" for the
particular case, but at least it is possible.
Eugene