The problem with any kind of live CD is that, being Gentoo users, we
like to customize our systems. We'd have to have a CD each day or
something. Seems like there must be something a little easier but
equally useful.

-James

On Feb 9, 2004, at 6:12 PM, J Holder wrote:

> Ryan Voots said:
>> On Mon, 9 Feb 2004 15:16:55 -0500
>> "James Dennis" <james@×××××××××××××.com> wrote:
>>
>>> Right, I know it's not like tripwire. Just suggesting something to add
>>> to a default install, but you're right about just updating those files
>>> too.
>>>
>>> I think it'd be beneficial to come up with something that could be used
>>> for built-in integrity checking, but I'm not sure how to do it...
>>> suggestions?
>>>
>>> -James
>>
>> IIRC whenever portage merges something in it keeps a list of the files
>> and their md5's in
>>
>> /var/db/pkg/<category>/<package>/CONTENTS
>>
>> Could these md5's be used? Maybe have portage make the files immutable,
>> and find some way to protect them from anyone but root, since if they've
>> got root I doubt they would be going to all the trouble of doing that,
>> unless they want to use your box as a hole for something else. Maybe a
>> way to keep those hashes on some type of removable media? USB flash
>> devices and such, anyone? Maybe a floppy for just the binutils and such?
>
> How about a bootable Gentoo CD that can be used to verify packages on the
> hard drive from a copy (preferably on CD or something) of the
> /var/db/pkg/* directory? I imagine if the command line arguments to
> specify the db path for portage exist, then it may already be workable
> with a standard Gentoo livecd.
>
> It's an idea I have been toying with, but haven't had any time to do any
> research on. It would be a poor replacement for tripwire, but with the
> right scripts to automate the db copy to secure media it might be a quick
> and effective "out of the box" solution, and would be a lot more secure
> than keeping md5s or copies of the files anywhere on the hard drive.
>
> --
> gentoo-security@g.o mailing list

--
gentoo-security@g.o mailing list
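An added example, not from anyone in this thread, of the check being discussed: parse the `obj` records of a Portage CONTENTS file and compare each recorded md5 against the file under a chosen root, such as the hard disk mounted from a live CD while the CONTENTS copy comes from trusted media. The CONTENTS snippet and the fake root are constructed for the demo; `verify_contents` and `demo` are names chosen here.

```python
import hashlib
import os
import tempfile

# Portage records each merged file in /var/db/pkg/<cat>/<pkg>/CONTENTS as
#   obj <path> <md5> <mtime> | sym <path> -> <target> <mtime> | dir <path>
def parse_contents(text):
    """Return [(path, md5)] for every 'obj' entry; only 'obj' lines carry a hash."""
    entries = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) >= 4 and parts[0] == "obj":
            entries.append((" ".join(parts[1:-2]), parts[-2]))  # path may hold spaces
    return entries
def md5_of(path):
    h = hashlib.md5()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()
def verify_contents(text, root="/"):
    """Check each recorded md5 against the file under `root` (e.g. the disk
    mounted at /mnt/gentoo from a live CD). Returns {path: status}."""
    report = {}
    for path, recorded in parse_contents(text):
        target = os.path.join(root, path.lstrip("/"))
        if not os.path.isfile(target):
            report[path] = "missing"
        elif md5_of(target) != recorded:
            report[path] = "modified"
        else:
            report[path] = "ok"
    return report
def demo():
    """Constructed fake root: one intact file, one tampered, one deleted."""
    root = tempfile.mkdtemp()
    os.makedirs(os.path.join(root, "usr/bin"))
    good = b"#!/bin/sh\necho ok\n"
    for name, data in (("good", good), ("evil", b"#!/bin/sh\necho replaced\n")):
        with open(os.path.join(root, "usr/bin", name), "wb") as f:
            f.write(data)
    md5 = lambda b: hashlib.md5(b).hexdigest()
    contents = "\n".join([
        "obj /usr/bin/good %s 1076368000" % md5(good),
        "obj /usr/bin/evil %s 1076368000" % md5(b"original"),   # replaced on disk
        "obj /usr/bin/gone %s 1076368000" % md5(b"x"),          # deleted from disk
        "sym /usr/bin/sh -> bash 1076368000",                  # no hash recorded
    ])
    return verify_contents(contents, root)
```

Because the hashes are only as trustworthy as the copy of `/var/db/pkg` they come from, the check is meaningful when that copy is read from media the running system could not have altered.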