Hi, V ?t, 08. 07. 2008 v 15:32, Darren J Moffat p??e: > Milan Jurik wrote: > > Hi, > > > > V ?t, 08. 07. 2008 v 13:33, Darren J Moffat p??e: > >> James Carlson wrote: > >>> (Having a big database of MD5 and SHA-1 checksums searchable on > >>> checksum is a nifty hack around the problem ... but it's still a > >>> problem, and shouldn't need a hack. You should be able to go directly > >>> from advertised version number to verified checksum in one step.) > >> As an aside we do actually have such a thing: > >> > >> For any given binary we can find out which SVR4 package on which release > >> of Solaris or patch to a given release it came from: > >> > >> http://sunsolve.sun.com/fileFingerprints.do > >> > > > > Fingerprints are nice, but are they part of binary itself? Sometimes you > > need to know "exact" version from crashdump, where binary on disk and in > > memory were different before crash. > > No but the .SUNW_signature section which is a cryptographically strong > digital signature is part of the binary. Unfortunately though it isn't > include in the crashdump - there is an open RFE for this. > > > Yes, %I% is hack, but it saved a lot of work. > > I don't believe it saved any work it gave you the illusion it was > telling you something useful and sometimes you get lucky. As James and > I have said several times it isn't actually reliable. In some cases is > just plain dangerous because it leads the diagnosis down the wrong path.
Because many modules in ON (and not only in ON) are in one file, it's usefull in many cases. Yes, it's not reliable but it's better than nothing. So, if we are removing %I%, we should find some better, generic mechanism for it. And as example where it helped, look at CR 6704883 Best regards, Milan
