[prev in list] [next in list] [prev in thread] [next in thread] 

List:       focus-sun
Subject:    Re: Solaris Security Patches - notification formats/methods -
From:       Jed Dobson <jed () WGTECH ! COM>
Date:       2000-05-25 11:16:45
[Download RAW message or body]

I will shortly post the scripts I use to grab the latest xref file
check with patchdiag and grab the security patches. It is running at a
customer site of mine so it will be a day or so before I'm back out
there.

I don't however, apply these patches. As someone mentioned automated patch
installs (no matter how dull patchadd -d . -b /var/backouts ...etc is) is
something that should be done manually. Ever run out of space and not get
a patch to fully install? You should, of course, always check the READMEs
too and see what is getting replaced or what permissions are changing
(important to review for additions / deletions from tripwire configs)

-jed

Jed Dobson
Sun Enterprise Certified Systems Engineer
Workgroup Technology Partners, an Enterprise Elite Sun VAR!
jed@wgtech.com

On Wed, 24 May 2000, David Murphy wrote:

> Quoting <200005241608.SAA25993@utah.mtg.mtnet>
> by Othmar Truniger <truniger@tis.mt.com>:
>
> > I maintain my own list of patches which get installed when
> > jumpstarting or updating a system. I use a script which compares
> > each patch report with my own list of patches and points out each
> > new/updated recommended or security patch as well as each version of
> > the patches I also install and what patches got obsoleted.
>
> Even without compromise of SunSolve servers, I would never recommned
> automatic installation of patches on any system where stability is
> important - human review of patches should be considered mandatory
> prior to installation.
>
> --
> When asked if it is true that he uses his wheelchair as a weapon he will reply:
> "That's a malicious rumour. I'll run over anyone who repeats it."
> Stephen Hawking - [http://www.smh.com.au/news/0001/07/features/features1.html]
> David Murphy - For PGP public key, send mail with Subject: send-pgp-key
>

[prev in list] [next in list] [prev in thread] [next in thread]