Re: dpkg verify mode for security?
In message <[🔎] 199705152051.QAA25764@unix3.netaxs.com> you write:
|'Amos Shapira wrote:'
|>
|>I was asking over Linux-ISP about doing cleanup after breakins and got
|>many "use tripwire" answers, and one which says that RPM has a verify
|>mode which checks for files which were changed since they were
|>installed. Can the dpkg maintainers consider adding such a feature
|>for Debian?
|
|What does the rpm verify give you? As far as I can tell it gives a
|false sense of security. Nothing more. The rpm database is easily
|hacked once root access is attained.
|
|Tripwire or something similar is the only viable option.
You give the answer yourself :-). What I was thinking about is the
ability to verify files against a database on a non-writeable media
(or fetched from the net).
Someone pointed me to an experimental package called 'dpkgcert', which
seems to do just that. Look at the experimental directory on
master.debian.org.
Cheers,
--Amos
--Amos Shapira | "Of course Australia was marked for
133 Shlomo Ben-Yosef st. | glory, for its people had been chosen
Jerusalem 93 805 | by the finest judges in England."
ISRAEL amos@dsi.co.il | -- Anonymous
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: