> From: "Peter C. Norton" <[EMAIL PROTECTED]>
> No you don't. You have a vulnerability tool. You have something that
> doesn't protect the system. How does the tool know that what's in
> those 40 bytes is good if it's ignoring them? If it doesn't, and it's
> for that purpose, then how can the admin know if using that tool?
>
If you don't want to reinstall, you can set those 40 bytes to a known
value, checksum and compare. You can even store the ids in your
/var/qmail/control/id file, and stuff them back in when your through
with the checksum.
> Just like compiled-in uid's this doesn't provide any more security,
> but this one adds a feeling of false safety. It also adds an
> additional step to any installation, and no real benefit.
>
Reinstalling is perfectly acceptable, and you would have to
reinitialize the ids anyway. I think validated backups are a better
way to go, but each to their own.
sdb
