Milan Jurik wrote: > Hi, > > V ?t, 08. 07. 2008 v 13:33, Darren J Moffat p??e: >> James Carlson wrote: >>> (Having a big database of MD5 and SHA-1 checksums searchable on >>> checksum is a nifty hack around the problem ... but it's still a >>> problem, and shouldn't need a hack. You should be able to go directly >>> from advertised version number to verified checksum in one step.) >> As an aside we do actually have such a thing: >> >> For any given binary we can find out which SVR4 package on which release >> of Solaris or patch to a given release it came from: >> >> http://sunsolve.sun.com/fileFingerprints.do >> > > Fingerprints are nice, but are they part of binary itself? Sometimes you > need to know "exact" version from crashdump, where binary on disk and in > memory were different before crash.
No but the .SUNW_signature section which is a cryptographically strong digital signature is part of the binary. Unfortunately though it isn't include in the crashdump - there is an open RFE for this. > Yes, %I% is hack, but it saved a lot of work. I don't believe it saved any work it gave you the illusion it was telling you something useful and sometimes you get lucky. As James and I have said several times it isn't actually reliable. In some cases is just plain dangerous because it leads the diagnosis down the wrong path. The functionality is going you need to just get over it and learn to use one of the other methods we have outlined. -- Darren J Moffat
