Re: dpkg verify mode for security?
On Thu, 15 May 1997, Chris Fearnley wrote:
> 'Amos Shapira wrote:'
> >I was asking over Linux-ISP about doing cleanup after breakins and got
> >many "use tripwire" answers, and one which says that RPM has a verify
> >mode which checks for files which were changed since they were
> >installed. Can the dpkg maintainers consider adding such a feature
> >for Debian?
> What does the rpm verify give you? As far as I can tell it gives a
> false sense of security. Nothing more. The rpm database is easily
> hacked once root access is attained.
> Tripwire or something similar is the only viable option.
If the maintainers PGP-sign the verification data, they should be OK
(providing that you keep your PGP keyring on read-only media, like a
Debian CD-ROM). I'm presuming the best way to go is to have PGP-signed
md5sums. Another alternative is to keep a copy of the md5sums on read-only
media (CD-ROM springs to mind), and check against that.
Tom Lees <firstname.lastname@example.org> http://www.lpsg.demon.co.uk/
PGP ID 87D4D065, fingerprint 2A 66 86 9D 02 4D A6 1E B8 A2 17 9D 4F 9B 89 D6
finger email@example.com for full public key (also available on keyservers)
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
Trouble? e-mail to firstname.lastname@example.org .