Re: dpkg verify mode for security?
In message <199705152051.QAA25764@unix3.netaxs.com> you write:
|'Amos Shapira wrote:'
|>I was asking over Linux-ISP about doing cleanup after breakins and got
|>many "use tripwire" answers, and one which says that RPM has a verify
|>mode which checks for files which were changed since they were
|>installed. Can the dpkg maintainers consider adding such a feature
|What does the rpm verify give you? As far as I can tell it gives a
|false sense of security. Nothing more. The rpm database is easily
|hacked once root access is attained.
|Tripwire or something similar is the only viable option.
You give the answer yourself :-). What I was thinking about is the
ability to verify files against a database on a non-writeable media
(or fetched from the net).
Someone pointed me to an experimental package called 'dpkgcert', which
seems to do just that. Look at the experimental directory on
--Amos Shapira | "Of course Australia was marked for
133 Shlomo Ben-Yosef st. | glory, for its people had been chosen
Jerusalem 93 805 | by the finest judges in England."
ISRAEL firstname.lastname@example.org | -- Anonymous
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
Trouble? e-mail to email@example.com .