Re: dpkg verify mode for security?
'Amos Shapira wrote:'
>
>I was asking over Linux-ISP about doing cleanup after breakins and got
>many "use tripwire" answers, and one which says that RPM has a verify
>mode which checks for files which were changed since they were
>installed. Can the dpkg maintainers consider adding such a feature
>for Debian?
What does the rpm verify give you? As far as I can tell it gives a
false sense of security. Nothing more. The rpm database is easily
hacked once root access is attained.
Tripwire or something similar is the only viable option.
--
Christopher J. Fearnley | Linux/Internet Consulting
cjf@netaxs.com | Design Science Revolutionary
http://www.netaxs.com/~cjf | Explorer in Universe
ftp://ftp.netaxs.com/people/cjf | "Dare to be Naive" -- Bucky Fuller
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org . Trouble?
e-mail to templin@bucknell.edu .
Reply to: