Patrick O'Callaghan <pocallag...@gmail.com> writes: > On Sun, 2014-03-16 at 15:04 -0700, Wolfgang S. Rupprecht wrote: >> A clever intruder is just going to wait until a batch of changes goe >> out and then add their trojan. > > Of course you check the hash signatures on those downloads, right?
Yes, but in a haphazard, infrequent manner. The whole point of me installing rkhunter was to automate detection of trojans. If I'm going to have to check the hashes myself, what is rkhunter bringing to the party? The more I think about it the more --propupd bothers me. rkhunter emits warnings that turn into regular mailbox clutter and sooner or later one is going to ignore them. -wolfgang -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
