Gentoo Archives: gentoo-security

From: Christian Schwede <cschwede@×××××××××××.de>
To: gentoo-security@l.g.o
Subject: Re: [gentoo-security] Built in integrity?
Date: Tue, 10 Feb 2004 00:52:22
Message-Id: 40282B27.3060909@delphi-gmbh.de
In Reply to: Re: [gentoo-security] Built in integrity? by Joby Walker
1 Right. But this still isn't that useful - for watching binary files it's
2 ok, but you wouldn't recognize changes to config files etc.
3 So you have to store a seperate md5sum file/tree.
4 Anyway - bevor bringing a server online you could burn this dir-tree to
5 a cd or something else and verify which changes to binary files (trojans
6 etc.) were made in case of a compromise. But then you have to store
7 always an actual tree of /var/db/pkg/* - Huh...
8
9 Just my 2 cents.
10
11 Christian
12
13 Joby Walker wrote:
14
15 > They are not discussing the MD5s stored in the portage tree but the
16 > MD5s that are generated and stored in the CONTENTS files
17 > (/var/db/pkg/*/*/CONTENTS), which are the compiled binaries.
18
19
20
21 --
22 gentoo-security@g.o mailing list

Replies

Subject Author
Re: [gentoo-security] Built in integrity? Joby Walker <zorloc@××××××××.org>
Re: [gentoo-security] Built in integrity? Heikki Levanto <heikki@×××.dk>