On Sat, 26 Apr 2003 16:30:23 +0200 Javier Fernández-Sanguino Peña <[EMAIL PROTECTED]> wrote:
Hi! > > lsof +L1 prints every unlinked open file: > (..) > > you can use a check from the Tiger security tool to do > just this, it's called 'check_finddeleted' and will point you to the > processes (normal ones and daemons) that are using deleted files: [...] Thanks both for your information. (I've just installed the cron-job "lsof +L1 | grep dpkg-new$" reminding the admin - currently me - of processes using an old library.) Nevertheless, I actually wanted to propose including information about the overall situation into the security advisories for libraries, something like: "Mind: Active Programs and services using this package's libraries will NOT be restarted automatically and thus be vulnerable until you take care of restarting them yourself! Check out [1,2] on how to find such processes. [1] `lsof +L1 | grep dpkg-new$` [2] http://savannah.nongnu.org/cgi-bin/viewcvs/tiger/tiger/scripts/check_finddeleted+?rev=1.1&content-type=text/vnd.viewcvs-markup`"; Currently, most people believe "update && upgrade" is enough and don't do anything else. This simple hint in the DSA could save people from a _lot_ of troubles. Does the Debian-Security-Team read this list? (If so, please respond :) ...) How to contact the security-team (without writing a mail to one of them directly)? Thanks 'n' Cheers, Max -- The first time any man's freedom is trodden on, we're all damaged. <Cpt. Picard, "The Drumhead", StarTrek TNG> http://homex.subnet.at/~max/
