| 1 |
On Mon, 9 Feb 2004 15:16:55 -0500 |
| 2 |
"James Dennis" <james@×××××××××××××.com> wrote: |
| 3 |
|
| 4 |
> Right, I know it's not like tripwire. Just suggesting something to add |
| 5 |
> to a default install, but you're right about just updating those files |
| 6 |
> too. |
| 7 |
> |
| 8 |
> I think it'd be beneficial to come up with something that could be used |
| 9 |
> for built in integrity checking, but I'm not sure how to do it... |
| 10 |
> suggestions? |
| 11 |
> |
| 12 |
> -James |
| 13 |
|
| 14 |
IIRC whenever portage merges something in it keeps a list of the files and their md5's in |
| 15 |
|
| 16 |
/var/db/pkg/<category>/<package>/CONTENTS |
| 17 |
|
| 18 |
could these md5's be used? maybe have portage make the files immutable, and find some way to protect them from anyone but root, since if they've got root i doubt they would be going to all the trouble of doing that, unless they want to use your box as a hole for something else, maybe a way to keep those hashes on some type of removable media? usb flash devices and such anyone? maybe a floppy for just the binutils and such? |
| 19 |
|
| 20 |
-----BEGIN GEEK CODE BLOCK---- |
| 21 |
Version: 3.1 |
| 22 |
GCS/CM/E/M/S/O d--(-) s:+>:- |
| 23 |
a--->-->->>+>++>+++$ C+++>++++$ UL++++>++++$ |
| 24 |
P+++>++++$ L++++>++++$ !E-? W++>++$>+++$ |
| 25 |
N++>* !o? !K? w--->---$ O-- M-@ !V--? PS+++(++(+((-)))) |
| 26 |
PE Y+(++)@ PGP+++(++) t+++>+++$ 5--(-)@ X++@>+++@ |
| 27 |
R+(++)@ tv+++@>++@ b+>++ DI++++ D+++@ G+++>++++ |
| 28 |
e>+$>++$>+++$>++++$>+++++$ h+>++ r*(--(++))@ !y+>-->->+++@ |
| 29 |
-----END GEEK CODE BLOCK----- |
Archives