Re: FreeBSD Security Advisory FreeBSD-SA-11:05.unix
On Oct 1, 2011, at 07:12, Doug Barton wrote:
> On 09/30/2011 21:10, Mike Brown wrote:
>> Eitan Adler wrote:
>>>> do I reboot for this one, or not?
>>> The kernel is changed, so yes.
>>=20
>> Thanks. I had guessed a reboot was needed, but the advisory only =
mentioned a=20
>> reboot in the context of building the kernel from sources. Hopefully, =
when a=20
>> reboot is required, future advisories will mention it in the =
freebsd-update(8)=20
>> instructions.
>=20
> When would a reboot not be needed for a kernel change?
Try this: When freebsd-update doesn't actually tell you to reboot.
I would expect freebsd-update to inform me that I need to reboot if =
anything in /boot (or at least /boot/kernel) was touched. In particular =
when /boot/kernel/kernel was touched. I know I've been told by =
freebsd-update to do a two-stage update in the past (freebsd-update =
install, reboot single-user, freebsd-update install again) - I had =
expected it to do the same this time, but it didn't on any of the =
dozen-and-a-half systems I ran it on.
When looking at the list of files changed between 8.2-RELEASE-p2 and =
-p3, the /boot/kernel/kernel is easily missed among them. It's easily =
concieveable that a system gets patched and then not rebooted for months =
in a case like this.
/Eirik=
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 9 之 12 篇):