[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [suse-security] SuSE 9.0/Security updates
> > Well, RPM is not a magic ghost. It also deletes files and stored new
> > ones, as everybody else does.
> You didn't get my point. In previous versions, RPM behaved like I
> described. It moved away the old file and deleted it. But with the new
> version I can't see any files that have been deleted by the RPM system.
> I just tested with "screen" - I opened a screen session and updated with
> the new screen rpm from the SuSE FTP servers. Although screen is still
> running, there are no deleted processes shown (SuSE 9.0).
> A re-test with SuSE 8.1 showed, that a file called "screen-RPMDELETE" has
> been deleted and is still in use, which is what I expected.
Well, rpm must have created a new file and must have moved the new one in
place after completing writing to it. It can't work otherwise: The binary
is locked, resulting in a -EBUSY if you try to overwrite it:
$ cp /bin/cat .
$ ./cat > /dev/null &
 + 4517 suspended (tty input) ./cat > /dev/null
$ cp /dev/null cat
cp: cannot create regular file `cat': Text file busy
So the fact that you don't see these files is either a bug, or you weren't
root while you were trying. I am currently voting for the first, probably
filing this as a kernel bug.
| Roman Drahtmüller <draht@xxxxxxx> // Nail here |
SUSE Linux AG - Security Phone: // for a new
| Nürnberg, Germany +49-911-740530 // monitor! --> [x] |
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here