Re: glibc 2.1.13-17 and kernel headers
Michel Dänzer wrote:
>
> Kin Chung wrote:
> >
> > >Ethan Benson wrote:
> > >On Mon, Jun 25, 2001 at 10:01:37PM +0800, Kin Chung wrote:
> > [snip]
> > >what security problem? add potato r3 has all the current libc
> > >security fixes. or is there a new one im not aware of?
> >
> > Oops. I'm running r2 and there was a security alert in April
> > for glibc 2.1.3-x, for some x < 17. I guess I should have mentioned
> > that earlier :-(.
>
> Are you aware of
>
> deb http://security.debian.org stable/updates main contrib non-free
run dselect, select update, let it do its thing, then select
install, and let it do its thing (make sure you are connected to the
internet first). Yes, I use dselect, what of it? If it installs a
new libc, I recommend rebooting after that, just to be happiest.
problem solved.
> > [snip]
> > >
> > >if you have to ask these questions i think you should not be compiling
> > >libc.
> > [more snippage]
> >
> > Perhaps, but then I would not be able to do some of the things that
> > I do want to.
>
> Namely?
To run software that requires 2.2 without having to upgrade to
unstable? So maybe problem is not solved after all.
> > Besides, it is helpful to my learning more about Linux. Mostly, I would like
> > to have some idea about how much risk I am taking.
>
> About the biggest possible risk apart from messing with the kernel.
Bigger. I've seen grown human be-ins almost in tears over the havoc
they brought down on themselves by trying to dick around with libc,
and especially doing exactly something like this. Had to wipe the
disk and start over in the end. I went down this road once myself,
but luckily started to see the bear traps awaiting me before I did
anything too rash, like make install. I learned only one thing from
it: don't even think about it.
> > I do know that since I plan to recompile everything else as well, I
> > don't expect too many strange header mismatch errors.
>
> Are you aware of http://linuxfromscratch.org ? Sounds like that might be
> better for you than Debian. ;)
Before there was a lfs, I built a system from scratch. It is a PPro
200, my firewall/gateway/email/web server machine, and while not
being too fast, it was fully paid for, and I wanted to squeeze every
last bit of speed out of it. So I started with a "distribution"
which is actually not a distro at all, as it requires a running
Linux be installed in order to start. This was called epoch I think
and the point of it was that a kernel and modules and many software
packages were precompiled using the latest version of pgcc, making
quite a difference in speed, especially networking code. I
downloaded it, untarred it, and switched to it. It required that I
hunt down and compile myself a large number of packages. I won't
list them, because the list is semi-infinite. I had fun and learned
a lot, but, and here comes the point, not long after I was really
sort of finished (you're never really finished), I immediately
started wishing that I had just installed debian-slink on it
instead. I would be so much happier now. I could have debian, and
installed pgcc anyway, and used it to compile a kernel and exim and
boa and bind and been a lot happier.
a
Reply to: