Improving the offline updates user experience
Richard W.M. Jones
rjones at redhat.com
Mon Sep 15 14:51:34 UTC 2014
On Mon, Sep 15, 2014 at 04:07:39PM +0200, Vít Ondruch wrote:
> Dne 15.9.2014 14:28, Richard W.M. Jones napsal(a):
> > On Mon, Sep 15, 2014 at 10:57:13AM +0200, Vít Ondruch wrote:
> >> Every of the script is based on assumption that you already read some
> >> library/unit whatever. But that is not enough. I wonder how you want to
> >> detect that you need restart in case that I have something like this:
> >>
> >> $ ls
> >> foo.rb
> >> bar.rb
> >>
> >> $ cat foo.rb
> >>
> >> def some_function
> >> require 'bar'
> >> end
> >>
> >> And now
> >>
> >> 1) I run some application, which loads my foo.rb file.
> >> 2) I later update the package which removes bar.rb file.
> >> 3) And I call some_function which fails due to missing bar.rb
> > How is this not 'foo' simply being broken?
>
> They might come from different packages.
OK, in which case the package that needs bar was broken because it
didn't express that need in its dependencies, nor guard against the
possibility that bar was not installed.
> Or there might be also another
> level of requires, where bar.rb requires by baz.rb. In case that bar.rb
> stays and baz.rb is removed, you still cannot predict that this will
> fail in the future, since neither of these files was loaded before.
In which case bar.rb was similarly broken, for the same reason as
above.
> Or there might be another example of code with similar issues:
>
> $ cat foo.rb
>
> def some_function
> $files.each {|f| require f}
> end
>
> $files = Dir.glob('*.rb')
>
> I.e. during initialization, you list available files and you want to
> load them later, but at that moment, they are not there already.
This code is still by any measure broken. There are lots of ways that
such code could fail to work.
Plainly what I'm trying to say is: If the potentially insecure code
has been loaded into a Python process, and the python interpreter has
the small modification that I suggested, then we will be able to
detect that the insecure code is loaded into memory and flag the
process/service as needing to be restarted.
That's all.
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
virt-top is 'top' for virtual machines. Tiny program with many
powerful monitoring features, net stats, disk stats, logging, etc.
http://people.redhat.com/~rjones/virt-top
More information about the devel
mailing list