On Tue, 6 Dec 2016, Zack Weinberg wrote:
On the assumption that this _is_ the issue, I am going to write a script
that scans the Debian archive for existing binaries containing
definitions (exported or not) of getentropy and/or getrandom, and will
report what it tells me -- this will probably take a couple days to
cycle all the way through.
You can't generally tell for a stripped executable whether there's a
getentropy function in there - only if it's unstripped, or linked with
-rdynamic, or linked with glibc that defines getentropy and so exports it
in the dynamic symbol table for that reason. You could scan shared
libraries for bogus exports, but I don't see how you could test for
executables that would cause a problem when linked with new glibc without
doing a full archive rebuild with patched glibc.