On Thu, 15 May 1997, Chris Fearnley wrote:

> 'Amos Shapira wrote:'
> >
> >I was asking over Linux-ISP about doing cleanup after breakins and got
> >many "use tripwire" answers, and one which says that RPM has a verify
> >mode which checks for files which were changed since they were
> >installed. Can the dpkg maintainers consider adding such a feature
> >for Debian?
>
> What does the rpm verify give you? As far as I can tell it gives a
> false sense of security. Nothing more. The rpm database is easily
> hacked once root access is attained.
>
> Tripwire or something similar is the only viable option.

If the maintainers PGP-sign the verification data, they should be OK
(providing that you keep your PGP keyring on read-only media, like a
Debian CD-ROM). I'm presuming the best way to go is to have PGP-signed
md5sums.

Another alternative is to keep a copy of the md5sums on read-only media
(CD-ROM springs to mind), and check against that.

--
Tom Lees <[EMAIL PROTECTED]> http://www.lpsg.demon.co.uk/
PGP ID 87D4D065, fingerprint 2A 66 86 9D 02 4D A6 1E B8 A2 17 9D 4F 9B 89 D6
finger [EMAIL PROTECTED] for full public key (also available on keyservers)
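
An added example, not part of the thread and not dpkg or rpm code: it checks a file tree against an md5sum-style manifest and shows why the location of the manifest decides whether the check means anything. The function names, the `bin/login` sample file and its contents are constructed for illustration; `signature_ok` assumes GnuPG's `gpgv` is installed and that the keyring path points at read-only media.

```python
import hashlib
import subprocess
import tempfile
from pathlib import Path

def md5_of(path):
    # MD5 because the thread discusses md5sums; the logic is digest-agnostic.
    return hashlib.md5(Path(path).read_bytes()).hexdigest()

def parse_md5sums(text):
    """Parse md5sum-style lines: '<hex digest>  <relative path>'."""
    entries = {}
    for line in text.splitlines():
        if line.strip():
            digest, path = line.split(None, 1)
            entries[path] = digest.lower()
    return entries

def verify_tree(root, manifest):
    """Return {path: 'missing' | 'changed'} for files that fail the manifest."""
    problems = {}
    for rel, expected in manifest.items():
        target = Path(root) / rel
        if not target.is_file():
            problems[rel] = "missing"
        elif md5_of(target) != expected:
            problems[rel] = "changed"
    return problems

def signature_ok(manifest_path, sig_path, keyring_path):
    """Detached-signature check with gpgv; keyring_path is assumed to be on read-only media."""
    cmd = ["gpgv", "--keyring", str(keyring_path), str(sig_path), str(manifest_path)]
    return subprocess.run(cmd, capture_output=True).returncode == 0

def demo():
    """Constructed scenario: a file is replaced and the on-host checksums are regenerated."""
    with tempfile.TemporaryDirectory() as tmp:
        login = Path(tmp) / "bin" / "login"
        login.parent.mkdir()
        login.write_bytes(b"original login binary\n")
        trusted = parse_md5sums(f"{md5_of(login)}  bin/login\n")  # copy kept off-host
        login.write_bytes(b"replaced login binary\n")
        on_host = parse_md5sums(f"{md5_of(login)}  bin/login\n")  # rewritten by whoever has root
        return verify_tree(tmp, on_host), verify_tree(tmp, trusted)

if __name__ == "__main__":
    print(demo())
```

The first result (the manifest stored on the host) reports nothing, while the second (the off-host copy) flags the replaced file.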