[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: How reliable is "debsums"?


Justin Ryan wrote:
> Use both!  One advantage of debsums is that you can compare md5sums
> against a package, rather than just the system db.  If you fear that
> something may have been modified, you can download the .deb file and
> bypass anything that an attacker could modify.  Of course, the debsums
> binary could be modified to never report that anything has changed, but
> every little bit helps..

well, just download a modified .deb file and see if the programm says there
has changed something.
in addition i have a tripwire-db, so whenever i want to be really sure, i
can boot from cd-rom and compare the harddisk with my tripwire-db, which is
not on the harddisc.

Ralf Dreibrodt

Reply to: