Re: How to securely verify that package-installed files match originals?
On Thu, Jan 14, 2021 at 12:57 PM Erik Poupaert <email@example.com> wrote:
> So, I mount the disk of this computer as folder /mnt/audit in my second computer, which I still trust. Now, I want to audit the installation foot print of dpkg in /mnt/audit from this second computer.
As pointed by others, integrity of checksums doesn't guarantee lack of
backdoor, since the backdoor can be in other places, not seen by