From mboxrd@z Thu Jan  1 00:00:00 1970
From: Gustavo Guillermo <gustavo@compunauta.com>
Subject: Re: bash replacement ...
Date: Thu, 11 Dec 2014 22:40:55 -0600
Message-ID: <548A71D7.8010908@compunauta.com>
References: <Pine.LNX.4.64.1412111746080.14812@yossarian>
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
Return-path: <linux-admin-owner@vger.kernel.org>
In-Reply-To: <Pine.LNX.4.64.1412111746080.14812@yossarian>
Sender: linux-admin-owner@vger.kernel.org
List-ID: <linux-admin.vger.kernel.org>
Content-Type: text/plain; charset="us-ascii"; format="flowed"
To: terry white <twhite@aniota.com>, linux-admin <linux-admin@vger.kernel.org>

You've to rename the running binary instead of replacing it but in one 
single execution, so later you can delete the old one.

for example:

mv /bin/bash /bin/bash.orig; cp /usr/src/bash_source/build/bash 
/bin/bash; chmod 755 /bin/bash

try it..

Cheers.

On 11/12/14 19:56, terry white wrote:
> ... ciao:
>
>     when the bash vulnerability was announced i built the 'new' 
> patched version. in my case, two.  though, not automatic, not really 
> problematic.
> however, when i tried to replace the running 'bash', the system 
> disallowd that operation.
>
>     so, i booted a rescue system, and did the replacement that way.
>
>     is there a way i could have done that on the native system ?
>
>     thanks ...
>
>