On Thu, Mar 18, 2004 at 10:03:34AM +0000, Ronny Adsetts wrote: > Hi all. > > Whilst doing security upgrades this morning for openssl, it occurred to me > that lots of software that uses the openssl libraries will not > automatically get restarted and will therefore still be running with old > libraries and therefore be vulnerable. I usually do this by hand for the > most obvious programs, but that can often get overlooked or things get > missed. > > I remember someone posting a method for locating programs that are running > with old libraries, but don't recall where and I can't seem to find the > right words whilst invoking google... > > Before I go off and figure it out, does anyway have any scripts or snippets > that they use for locating these programs?
Aptitude has a 'is depended on' which would be one method. Another (better) method is lsof(as root). Similarly you could parse /proc for memory mappings to the revalent libraries. Brian
