Distributors ponder a systemd change
Distributors ponder a systemd change
Posted Jun 8, 2016 12:03 UTC (Wed) by itvirta (guest, #49997)In reply to: Distributors ponder a systemd change by rahvin
Parent article: Distributors ponder a systemd change
> What if you had an orphaned ssl process when the heartbleed vulnerability was disclosed?
> Even if you patch the binary if you don't shutdown the [running processes] you just exposed your key to the world.
> Even if you patch the binary if you don't shutdown the [running processes] you just exposed your key to the world.
That's a problem with all binary / library upgrades (libc and static binaries too). You need a way to find if a process is still using the old binary, and for long-running services
that needs to be done during the upgrade, not during some arbitrary point in the future, like someone's logout.