Re: Tripwire in bin-directory?
Zak Kipling wrote:
>
> On Wed, 24 May 2000, Thomas Guettler wrote:
>
> > Isn't it a security risk, that there
> > is a shellscript in bin that executes /usr/lib/tripwire.
> > If someone breaks into my system, he/she could
> > change the file in bin to something that always
> > reports that nothing was changed!
>
> If someone breaks into your system, he/she could change /usr/lib/tripwire
> itself... isn't this just as much of a problem, except in the unlikely
> event that /usr/lib is hardware write-protected while /bin is not.
>
Thank you for your quick reply.
this is not unlikely, that's the way it should be according
to the READMEs.
With ztripwire the database and the binaries fit onto a 1.44MB floppy,
which
is hardware write-protected mounted on /usr/lib/tripwire.
I think that this i quite save, because the binaries and the databases
can't be changed remotely.
--
Thomas Guettler <guettli@interface-business.de>
http://www.interface-business.de
Reply to: