[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: And now for something completely different... etch!

On Wed, 2005-06-15 at 13:10 -0700, Russ Allbery wrote:
> Ian Campbell <ijc@hellion.org.uk> writes:
> > I might be talking out of my arse (99% probability ;-)) but I thought
> > I'd heard that it was possible to store the pre-linking information
> > separately to the binaries, under /var/cache or something for example.
> > Am/was I imagining things?
> One of the points of the md5sum verification is to ensure that the
> binaries haven't been tampered with.  If one can tamper with the binaries
> by modifying some file in /var/cache instead, doesn't that just
> reintroduce the same problem?

I guess so, but then the prelinking tool could just store the md5 sums
of the prelink data files somewhere.


Ian Campbell

I HAVE to buy a new "DODGE MISER" and two dozen JORDACHE JEANS because
my viewscreen is "USER-FRIENDLY"!!

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to: