Re: Tripwire in bin-directory?

To: Zak Kipling <zk201@cam.ac.uk>
Cc: Thomas Guettler <guettli@interface-business.de>, "debian-security@lists.debian.org" <debian-security@lists.debian.org>
Subject: Re: Tripwire in bin-directory?
From: <ago@hollo.idg.hu>
Date: Wed, 24 May 2000 15:33:25 +0200 (CEST)
Message-id: <[🔎] Pine.LNX.4.10.10005241530360.29317-100000@hollo.idg.hu>
In-reply-to: <[🔎] Pine.LNX.4.21.0005241334550.599-100000@zk201.girton.cam.ac.uk>

Hi ! 
> > is a shellscript in bin that executes /usr/lib/tripwire.
> > If someone breaks into my system, he/she could
> > change the file in bin to something that always
> > reports that nothing was changed!
> If someone breaks into your system, he/she could change /usr/lib/tripwire
> itself... isn't this just as much of a problem, except in the unlikely
> event that /usr/lib is hardware write-protected while /bin is not.
Use LIDS. It's not a magic-weapon but a very good patch to the kernel
itself. Read the article on securityfocus and the LIDS docs. With this
patch it's possible that even root couldn't overwrite files in selected
directories.
Bye,
Ago

Reply to:

Follow-Ups:
- Re: Tripwire in bin-directory?
  - From: Alexander Hvostov <vulture@aoi.dyndns.org>

References:
- Re: Tripwire in bin-directory?
  - From: Zak Kipling <zk201@cam.ac.uk>

Prev by Date: Re: Tripwire in bin-directory?
Next by Date: Re: Tripwire in bin-directory?
Previous by thread: Re: Tripwire in bin-directory?
Next by thread: Re: Tripwire in bin-directory?
Index(es):
- Date
- Thread