On 23-Dec-98 05:20:37, Russ Allbery wrote something about "Re: Frivolous forking". I
just couldn't help replying to it, thus:
> I hope that anyone who intends to do this as part of their security policy
> uses tripwire rather than relying on RPM. Tripwire is not a package
[cut]
Which is all great until the tripwire database itself is tampered with. A
competent intruder would wipe it out as the first thing (s)he does. It is a
darn sight more difficult to hack the MD5 sums on your Redhat Linux CDROM.
> RPM's verification thing is nice, but I really wouldn't rely on it as a
> replacement for tripwire.
And I would not trust my tripwire database once my system has been
compromised.
Regards,
/������������������������������T�����������������������������������������\
| Rask Ingemann Lambertsen | [EMAIL PROTECTED] |
| Registered Phase5 developer | WWW: http://www.gbar.dtu.dk/~c948374/ |
| A4000, 775 kkeys/s (RC5-64) | "ThrustMe" on XPilot and EFnet IRC |
| Life starts at '030, fun starts at '040, impotence starts at '86. |
