Re: Tripwire in bin-directory?
> > is a shell script in bin that executes /usr/lib/tripwire.
> > If someone breaks into my system, he/she could
> > change the file in bin to something that always
> > reports that nothing was changed!
> If someone breaks into your system, he/she could change /usr/lib/tripwire
> itself... isn't this just as much of a problem, except in the unlikely
> event that /usr/lib is hardware write-protected while /bin is not.

Use LIDS. It's not a magic weapon but a very good patch to the kernel
itself. Read the article on SecurityFocus and the LIDS docs. With this
patch it's possible that even root couldn't overwrite files in selected