[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: dpkg verify mode for security?

'Amos Shapira wrote:'
>I was asking over Linux-ISP about doing cleanup after breakins and got
>many "use tripwire" answers, and one which says that RPM has a verify
>mode which checks for files which were changed since they were
>installed.  Can the dpkg maintainers consider adding such a feature
>for Debian?

What does the rpm verify give you?  As far as I can tell it gives a
false sense of security.  Nothing more.  The rpm database is easily
hacked once root access is attained.

Tripwire or something similar is the only viable option.

Christopher J. Fearnley          |  Linux/Internet Consulting
cjf@netaxs.com                   |  Design Science Revolutionary
http://www.netaxs.com/~cjf       |  Explorer in Universe
ftp://ftp.netaxs.com/people/cjf  |  "Dare to be Naive" -- Bucky Fuller

TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org . Trouble? 
e-mail to templin@bucknell.edu .

Reply to: