[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Tripwire in bin-directory?

Zak Kipling wrote:
> On Wed, 24 May 2000, Thomas Guettler wrote:
> > Isn't it a security risk, that there
> > is a shellscript in bin that executes /usr/lib/tripwire.
> > If someone breaks into my system, he/she could
> > change the file in bin to something that always
> > reports that nothing was changed!
> If someone breaks into your system, he/she could change /usr/lib/tripwire
> itself... isn't this just as much of a problem, except in the unlikely
> event that /usr/lib is hardware write-protected while /bin is not.

Thank you for your quick reply.
this is not unlikely, that's the way it should be according
to the READMEs.
With ztripwire the database and the binaries fit onto a 1.44MB floppy,
is hardware write-protected mounted on /usr/lib/tripwire.
I think that this i quite save, because the binaries and the databases
can't be changed remotely.

Thomas Guettler <guettli@interface-business.de>

Reply to: