[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: How to securely verify that package-installed files match originals?

On Thu, Jan 14, 2021 at 12:57 PM Erik Poupaert <erik@sankuru.biz> wrote:

> So, I mount the disk of this computer as folder /mnt/audit in my second computer, which I still trust. Now, I want to audit the installation foot print of dpkg in /mnt/audit from this second computer.
As pointed by others, integrity of checksums doesn't guarantee lack of
backdoor, since the backdoor can be in other places, not seen by

Reply to: