Peter C. Norton writes: > /etc/aliases.db however is a dynamic file. However verifying it can > be easily done by a human with fairly standard interperters like perl, > or python, or with a small c program. In fact, these programs could > easily parse for the tokens that indicate danger. And what exactly is the advantage of this vaporware, compared to the obvious solution---namely, recreating /etc/aliases.db? > Can I do this with qmail's binaries? With a var-qmail package, yes, of course you could write a program to verify the bin/* integrity. In fact, it would be a simple shell script. See qmail-1.03/BIN.Makefile. But it's even easier to recreate the files. > > If you can verify /etc/aliases.db, why can't you verify the qmail files? > The qmail binaries are static after installation. Explain. Why would it be _harder_ to verify static files? (Of course, /etc/aliases.db might be static too. Depends on the host.) ---Dan
- Verifying system binarie... Rask Ingemann Lambertsen
- Re: Verifying system bin... Russ Allbery
- Re: Frivolous forking Rask Ingemann Lambertsen
- Re: Frivolous forking Scott Ballantyne
- Re: Frivolous forking Russ Allbery
- Re: Frivolous forking Vince Vielhaber
- Re: Red Hat Linux and Frivolous forki... Kai MacTane
- Re: Frivolous forking listy-dyskusyjne Krzysztof Dabrowski
- System integrity verification and oth... D. J. Bernstein
- Re: System integrity verificatio... Peter C. Norton
- Re: System integrity verific... D. J. Bernstein
- Re: System integrity ver... Russell Nelson
- Re: System integrity ver... D. J. Bernstein
- Re: System integrity ver... Russell Nelson
- Re: System integrity ver... Dax Kelson
- Re: System integrity ver... Russell Nelson
- Re: System integrity ver... Peter C. Norton
- Re: System integrity ver... D. J. Bernstein
- Re: System integrity ver... Peter C. Norton
- Re: System integrity verificatio... Russell Nelson
- Re: System integrity verific... D. J. Bernstein
