Re: dpkg verify mode for security?
-----BEGIN PGP SIGNED MESSAGE-----
Chris Fearnley, in an immanent manifestation of deity, wrote:
>'Amos Shapira wrote:'
>>many "use tripwire" answers, and one which says that RPM has a verify
>>mode which checks for files which were changed since they were
>
>What does the rpm verify give you? As far as I can tell it gives a
>false sense of security. Nothing more. The rpm database is easily
>hacked once root access is attained.
Actually, as opposed t a security measure, I would've found something
like this useful as a backup-check measure.
I had a nasty head-crash last week. Thankfully, I had recent backups.
Unfortunately, I had upgraded a number of packages after the latest
backup. /usr was hit hard but /var was pretty clean. So, I had
restored some old version of files and had no real idea which ones. I
figure that eventually, they will all get replaced. Still, being able
to write a perl script that tells me which files didn't match the stuff
in /var/lib/dpkg/info would've been handy.
Darren
- --
<torin@daft.com> <http://www.daft.com/~torin> <torin@debian.org> <torin@io.com>
Darren Stalder/2608 Second Ave, @282/Seattle, WA 98121-1212/USA/+1-800-921-4996
@ Do you have your clothes on? I probably don't. Take yours off. Feel better. @
@ Sysadmin, webweaver, postmaster for hire. C/Perl/CGI programmer and tutor. @
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3
Charset: noconv
Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface
iQCVAwUBM4LON44wrq++1Ls5AQFpgwP/SyFfV8OW/k2VcLwpE4VcyJD14RL/wiQu
ql4TBy9xNekdfbHV7C20C162X/M4TJ0bapLrpytTVfXjy1a4wp6aCMaQaOnVtGMc
LqGZ9n3B1PMm9mxuxB7exkyVmz8mVH9JMxBUhY16XUVc6tszoslNPolOlkv0VZf6
fFEF3nK5WUA=
=UejZ
-----END PGP SIGNATURE-----
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: