From: Sam Vilain (sam_at_vilain.net)
Date: Thu 15 Aug 2002 - 11:54:56 BST
Jacques Gelinas <jack_at_solucorp.qc.ca> wrote:
> > even the root server has to do this ?? I thought the immutable flag
> > was only used in the vservers.
> The real thing about unification and the immutable flag is that you
> generally don't care about those flags. You are not allowed to
> modify the file, but you are allowed to unlink it without any
> trick. Since package update is done using unlink/rename combination,
> this is transparent.
Apart from dpkg, which tries to `chmod ug-s' setuid binaries before it
unlinks them for security reasons (someone could make a hard link of a
vulnerable version of `sudo', for instance...). I had to modify
`dpkg' to be able to upgrade ssh.
> For slackware, we can use heuristic. For example, stuff in /usr may
> be unified. Not sure. Sam has a solution which would work on
> slackware though (comparing files)
/usr, /lib, /sbin and /bin are the ones to unify IMHO.
--
Sam Vilain, sam_at_vilain.net WWW: http://sam.vilain.net/
7D74 2A09 B2D3 C30F F78E GPG: http://sam.vilain.net/sam.asc
278A A425 30A9 05B5 2F13
A seeming ignorance is often a most necessary part of worldly
knowledge.
- anon.