Marcus Brinkmann wrote: > See, Piotr. We all agree with you that it would be great if we had a > reliable and secure tool to verify the system integrity. > > The real problem is that your proposal did nothing to get us closer to this > goal. Putting md5sums in the package file is probably not the way to go.
Then why do we half do it already? Is there another reason? (I'm not talking `secure', I'm talking help for crash recovery). > We all feel that you have a point, but we also see that you can't offer a > high quality solution. If you can give us a free clone of tripwire or > something like that, we can see what we can do to integrate it into the > standard Debian distribution. As Manoj said, (I don't remember the correct > words), a half baken solution can be worse then no solution at all. Isn't that what we have now? I'd suggest we either have using md5sums files for _all_ packages, or remove them (over time) from packages that do use them. I personally think that (1) we already use them, (2) they don't hurt and (3) they could help. I don't see this as a half baked solution to helping crash recovery. Our present state of half the packages using them _is_ half baked. I agree that this doesn't give built-in protection against intrusions. But that's another topic, isn't it? For that, use tripwire, or move all your md5sums files to offsite media after installation, and periodically check the system against the archived md5sums. This would be feasible. Peter
