Archive for December, 2008
IE7 Security Updates; really secure?
by Dr D on Dec.30, 2008, under Computers, Funny, windows
So, we all see them, we install them because we think they are very important, which they are.
Until you stumble accross this, like myself and a friend at work did today.
We were investigating some issues with a server acting wonky (we then realized it was broken into), but in the midst of investingating, we realied there was a c:\windows\ie7\iexplore.exe file, which ran….and looks like ie6. Aparrently, its the IE6 skin, with the IE7 rendering engine. Normally IE7 is ran from c:\program files\internet explorer\iexplore.exe.
So, out of curiousity, we did a file search for iexplore.exe….Woah, my friend had 12, and I had 31!
To top it all off, they all have different versions! So in reality, if you run your windows updates, someone can still use the old version unless you clean them up!
Kernel Lock outs?
by Dr D on Dec.22, 2008, under Computers, Linux
So I am sitting here, upgrading my servers (mostly gentoo) and on the world (full system) update, its telling me it wants to install a different version of the kernel.
Let me jump back for a second. Gentoo has very good customizations on what you can do, and for instance, I originally installed the gentoo-sources-2.6.26-r1 on one of my servers, and told it not to upgrade anything newer. Everythings been going fine, until today, when its like “oh, you can install 2.6.25-r9!” But wait, thats a downgrade. So I tell Gentoo not to install anything older then 2.6.26-r1, and then it complains. “!!! Ebuilds for the following packages are either all masked or don’t exist: sys-kernel/gentoo-sources.” Well, whatever. So I undid those changes, and decide to remove “gentoo-sources” from the world file, which basically says that its installed. So now it works as intended. But if I go to install an application dependant on the kernel source, then it will try to re-emerge them. So I told the system that I’ve provided the software and specific version, which is basically saying “pretend its installed.” And it still works. So WTF
Long story short, if you use Gentoo, and its wanting to upgrade or downgrade the kernel, try removing gentoo-sources fromthe world file, but adding the exact version to the portage/packages.mask and portage/profile/packages.provided.
As a side note, on Fedora/Redhat/CentOS/YUM based systems, add a line stating “exclude=kernel*” to the /etc/yum.conf file (or the .repo files) and it will lock out kernel upgrades on those systems.
Merry fsckin’ Christmas!
by Dr D on Dec.07, 2008, under Funny
Had to post it, as Aaron said, “Epic!”
The Dan Band “I Wanna Rock You Hard This X-Mas”
