Re: To check a copy of a file on its originality from its installed package.
Thank You for Your time and answer, Eric:
> This works in the simple case, the only thing to be aware of is that
> if someone has the ability to change you /usr/bin/sudo, then they can
> probably update the debsum as well (unless debsums are signed... are
> they?)
Is there key point on investigation from whence the danger came
(through which service they got in) - as it was a secure machine - IMHO?
Are there a port list the packages my debian distro work with (to send
and to get the info) - so that I can be able to close all others (I did
so for the INPUT chain, but not for OUTPUT).
How complicated is setting up of a SELinux for isolating a service like
postfix, clamav, amavis, apache, etc? - All I want is just to specify -
if the security issue in the services - let it breakout not - that is to
prevent access to the system (root environment/privileges). Or is it
much easier to use a VM like qemu and put each service in every VM?
Thank You for Your precious to me advices.
Reply to: