[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Tripwire in bin-directory?

On Wed, May 24, 2000 at 01:40:11PM +0100, Zak Kipling wrote:
> If someone breaks into your system, he/she could change /usr/lib/tripwire
> itself... isn't this just as much of a problem, except in the unlikely
> event that /usr/lib is hardware write-protected while /bin is not.

Well, that was the intent. The database should be stored on a read only
location. Note, however, that this is by no means completely secure since an
intruder could simply umount /usr/lib/tripwire and create the files in this
dir anew.

It is, however, a solution for some remote changes. If an intruder gets a
root account he/she can do whatever he/she wants to your machine.

Michael Meskes
Go SF 49ers! Go Rhein Fire!
Use Debian GNU/Linux! Use PostgreSQL!

Reply to: