[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Tripwire in bin-directory?

Hi ! 
> > is a shellscript in bin that executes /usr/lib/tripwire.
> > If someone breaks into my system, he/she could
> > change the file in bin to something that always
> > reports that nothing was changed!
> If someone breaks into your system, he/she could change /usr/lib/tripwire
> itself... isn't this just as much of a problem, except in the unlikely
> event that /usr/lib is hardware write-protected while /bin is not.
Use LIDS. It's not a magic-weapon but a very good patch to the kernel
itself. Read the article on securityfocus and the LIDS docs. With this
patch it's possible that even root couldn't overwrite files in selected

Reply to: