Re: dpkg verify mode for security?
'Amos Shapira wrote:'
>I was asking over Linux-ISP about doing cleanup after breakins and got
>many "use tripwire" answers, and one which says that RPM has a verify
>mode which checks for files which were changed since they were
>installed. Can the dpkg maintainers consider adding such a feature
What does the rpm verify give you? As far as I can tell it gives a
false sense of security. Nothing more. The rpm database is easily
hacked once root access is attained.
Tripwire or something similar is the only viable option.
Christopher J. Fearnley | Linux/Internet Consulting
email@example.com | Design Science Revolutionary
http://www.netaxs.com/~cjf | Explorer in Universe
ftp://ftp.netaxs.com/people/cjf | "Dare to be Naive" -- Bucky Fuller
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
firstname.lastname@example.org . Trouble?
e-mail to email@example.com .