[rescue] This Just In: HP to buy Compaq
James Sharp
rescue at sunhelp.org
Thu Sep 6 11:51:20 CDT 2001
>
> Actually machines that patch themselves are a potential security nightmare
> from the standpoint of a man-in-the-middle attack, are these things Kerb'd?
> I can think of all kinds of "Patched Binaries" which could end up in /usr
> and /bin...
> Not to mention that not all patches are a good thing, SP6 anyone?
The packages from Debian are md5 hashed and PGP signed...so if even a
single bit changes, the package becomes invalid.
And you face the "upgefucked patch" syndrome anytime you patch a
box...whether you do it by hand or by cron.
More information about the rescue
mailing list