1 |
Right. But this still isn't that useful - for watching binary files it's |
2 |
ok, but you wouldn't recognize changes to config files etc. |
3 |
So you have to store a seperate md5sum file/tree. |
4 |
Anyway - bevor bringing a server online you could burn this dir-tree to |
5 |
a cd or something else and verify which changes to binary files (trojans |
6 |
etc.) were made in case of a compromise. But then you have to store |
7 |
always an actual tree of /var/db/pkg/* - Huh... |
8 |
|
9 |
Just my 2 cents. |
10 |
|
11 |
Christian |
12 |
|
13 |
Joby Walker wrote: |
14 |
|
15 |
> They are not discussing the MD5s stored in the portage tree but the |
16 |
> MD5s that are generated and stored in the CONTENTS files |
17 |
> (/var/db/pkg/*/*/CONTENTS), which are the compiled binaries. |
18 |
|
19 |
|
20 |
|
21 |
-- |
22 |
gentoo-security@g.o mailing list |