 
| Subject: | |
| From: | |
| Reply To: | |
| Date: | Sat, 30 Aug 2014 17:19:00 +0400 |
| Content-Type: | text/plain |
| Parts/Attachments: |
|
|
Hi Andras Horvath!
On 2014.08.30 at 13:23:34 +0200, Andras Horvath wrote next:
> Does the recent glibc update need a reboot to fully take effect?
If you think the vulnerabilities
(https://rhn.redhat.com/errata/RHSA-2014-1110.html) might be exploited
on your system for long-running applications, you need a reboot;
personally I think it's unlikely, because locales are loaded only at
applications startup (and they will start with new glibc from now on),
so "directory traveral flaw" can't be exploited, and supplying arguments
to iconv call for already running applications like system services
isn't likely too.
On production system, I'd be satisfied with restarting long-running
software that might use different iconv calls in runtime, like database
server (unless it's strictly for internal use). But if you worried, do a
full reboot, it's the only way to reload glibc for some system
applications (okay there are technically other ways, like going into
single user mode, restarting init then going back, but it's just not
worth it).
--
Vladimir
|
|
|
