

Redis Hot Patch - rylee
http://benmmurphy.github.io/blog/2015/06/09/redis-hot-patch/

======
malkia
Back in the days when Playstation2 did not had updates, the awesome team of
Insomniac did self-explotation of their own game "Ratchet and Clank: Up Your
Arsenal" to get it updated: [http://www.insomniacgames.com/self-
exploitation/](http://www.insomniacgames.com/self-exploitation/)

------
eridal
well, it only works on OSX

    
    
        (error) ERR Error running script (call to f_57391bcdbf300562e6ad7201a1578740bccffb11): @user_script:4: user_script:4: Not OSX => Linux

~~~
benmmurphy
I have a version for Linux but apparently there are a lot of open unpatched
Redis servers on the internet and it doesn't take much to change the patcher
to do something else.

~~~
sneak
You're not helping by keeping a fix out of people's hands.

~~~
geofft
There _is_ a documented, reliable fix in everyone's hands, namely to shut down
Redis and upgrade it. This is a cute hack with a chance of crashing
everything.

One thing I learned from working at Ksplice was that the amount of effort
needed to build _reliable_ live patches was huge, way more than the amount of
effort needed to build a live patch good enough for your average script
kiddie, who often doesn't care about crashing one percent of machines, and
definitely doesn't care about it just not working on 90% of machines. There
is, unfortunately, an engineering imbalance between the difficulty of the good
guys' and bad guys' goals. (This is why there was no truth to the claim that
Ksplice was helping the bad guys build rootkits: the technical ability to
build rootkits was there all along, since Ksplice was out of tree -- the
innovative engineering in Ksplice was just making hot-patches reliable.)

------
vezzy-fnord
Similarly:
[https://en.wikipedia.org/wiki/Helpful_worm](https://en.wikipedia.org/wiki/Helpful_worm)

