Re: Tripwire style checking using apt/dpkg (security)
Stephen Birch <steve_debian@ironmountainsystems.com> writes:
> Since apt/dpkg has access to the CRC of every binary installed on a
> running system, it seems to make sense that the binaries of a running
> machine could be verified to make sure there are no trojan horses on
> the machine.
>
> Does anyone know if a tool like this exists already?
debsums does this, sort of. But not all packages include md5sum
information (it's not required), and I don't know of any
infrastructure that makes sure that the md5sum files are on trusted
read-only media. It's still useful for trying to recover from
filesystem corruption, though, and the debsums documentation suggests
a technique for plugging it into APT to generate md5sum files for
packages that don't already have them.
--
David Maze dmaze@debian.org http://people.debian.org/~dmaze/
"Theoretical politics is interesting. Politicking should be illegal."
-- Abra Mitchell
Reply to: