1 |
On Mon, 9 Feb 2004 15:16:55 -0500 |
2 |
"James Dennis" <james@×××××××××××××.com> wrote: |
3 |
|
4 |
> Right, I know it's not like tripwire. Just suggesting something to add |
5 |
> to a default install, but you're right about just updating those files |
6 |
> too. |
7 |
> |
8 |
> I think it'd be beneficial to come up with something that could be used |
9 |
> for built in integrity checking, but I'm not sure how to do it... |
10 |
> suggestions? |
11 |
> |
12 |
> -James |
13 |
|
14 |
IIRC whenever portage merges something in it keeps a list of the files and their md5's in |
15 |
|
16 |
/var/db/pkg/<category>/<package>/CONTENTS |
17 |
|
18 |
could these md5's be used? maybe have portage make the files immutable, and find some way to protect them from anyone but root, since if they've got root i doubt they would be going to all the trouble of doing that, unless they want to use your box as a hole for something else, maybe a way to keep those hashes on some type of removable media? usb flash devices and such anyone? maybe a floppy for just the binutils and such? |
19 |
|
20 |
-----BEGIN GEEK CODE BLOCK---- |
21 |
Version: 3.1 |
22 |
GCS/CM/E/M/S/O d--(-) s:+>:- |
23 |
a--->-->->>+>++>+++$ C+++>++++$ UL++++>++++$ |
24 |
P+++>++++$ L++++>++++$ !E-? W++>++$>+++$ |
25 |
N++>* !o? !K? w--->---$ O-- M-@ !V--? PS+++(++(+((-)))) |
26 |
PE Y+(++)@ PGP+++(++) t+++>+++$ 5--(-)@ X++@>+++@ |
27 |
R+(++)@ tv+++@>++@ b+>++ DI++++ D+++@ G+++>++++ |
28 |
e>+$>++$>+++$>++++$>+++++$ h+>++ r*(--(++))@ !y+>-->->+++@ |
29 |
-----END GEEK CODE BLOCK----- |