[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] Security Hardening Update 2.0.1 MAJOR FLAW!!!!!! ACTION REQUIRED!

Subject: Re: [cobalt-security] Security Hardening Update 2.0.1 MAJOR FLAW!!!!!! ACTION REQUIRED!
From: Michael Stauber <cobalt@xxxxxxxxxxxxxx>
Date: Sat, 17 Aug 2002 19:35:51 +0200
Organization: SOLARSPEED.NET
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Hi Zeffie,

> that's because we don't do things like that.  We would just reinstall the
> old rpm. 

EXACTLY. ;o) That's how do do it properly. That's how you and I and a few 
others would do it. 

The whole point I was trying to make with my previous message was about that. 
You can't reasonably put that much logic in an installer that it in all cases 
allows you to go back all the way if something fails. In some cases you can 
do it, but not in all.

> If for some reason we can't move forward.  which doesn't happen
> often because of the ways we build things.  (me anyway)

Same here.

> Granted that Sun.Cobalt does not have a location where we can get current
> rpms and srpms. grrrrrr

Yeah, I also agree that this would make life a whole deal easier if it were 
otherwise. :o(

> >  Or an uninstaller could download
> > and (partially or completly) re-install the official Sun Cobalt PKG which
> > contains the replaced RPM file in such a case.
>
> not really because there are scripts inside of rpms and like a program
> there is an order to these things..

If you'd do an uninstaller that way, then you'd have to take that into 
account, of course. But in most cases the scripts in the RPM are very well 
needed, so that's not a problem. If it is, then there is always the 
--noscripts parameter of the RPM command. 

> > FWIW: Windows 2000 Service Pack 3 can't be uninstalled either. ;o)

> Ok I'm starting to see the problem.  But I knew it the first time I saw
> your work. :) This is not windows.

You don't know anything about me, dear colleague. I'm a Linux man trough and 
through. The only thing I use Windows for is for accounting and for web- and 
image design. 

> In the development of rpms we have the ability to verify how things are
> building through simple testing before installing on production machines and
> then we are installing the same exact thing.

You're preaching to the choir, so please turn around if you want to continue 
your lecture. ;o)

I was using that analogy just to show that even in the Windows world (to which 
so many others are used to) a clean uninstall is sometimes not possible. 
"Clean" and Windows are contradicting terms anyway <shrug>.

> There are reasons for all this rpm fun.

I wouldn't exactly call it fun, especially not after porting 20 RPMs from the 
Qube3 to the RaQ550, which is what I did the last two days. 

-- 

With best regards,

Michael Stauber
mstauber@xxxxxxxxxxxxxx
Unix/Linux Support Engineer

Follow-Ups:
- Re: [cobalt-security] Security Hardening Update 2.0.1 MAJOR FLAW!!!!!! ACTION REQUIRED!
  - From: Paul Jacobs

References:
- Re: [cobalt-security] Security Hardening Update 2.0.1 MAJOR FLAW!!!!!! ACTION REQUIRED!
  - From: Paul Jacobs
- Re: [cobalt-security] Security Hardening Update 2.0.1 MAJOR FLAW!!!!!! ACTION REQUIRED!
  - From: Michael Stauber
- Re: [cobalt-security] Security Hardening Update 2.0.1 MAJOR FLAW!!!!!! ACTION REQUIRED!
  - From: Zeffie

Prev by Date: Re: [cobalt-security] Security Hardening Update 2.0.1 MAJOR FLAW!!!!!! ACTION REQUIRED!
Next by Date: [cobalt-security] Re: OT: SSL Certs
Previous by thread: Re: [cobalt-security] Security Hardening Update 2.0.1 MAJOR FLAW!!!!!! ACTION REQUIRED!
Next by thread: Re: [cobalt-security] Security Hardening Update 2.0.1 MAJOR FLAW!!!!!! ACTION REQUIRED!

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index