Tripwire.
Haven't we been through this already?
--Adam
On Fri, Jan 01, 1999 at 08:44:38PM -0500, Peter C. Norton wrote:
> On Sat, Jan 02, 1999 at 01:28:08AM +0100, Peter van Dijk wrote:
> > No that's a great idea. Have rpm spawn an external -_possibly_tampered_with_-
> > binary to verify qmail. Then having a control file with the uids in it sounds
> > safer to me.
>
> While I agree with you completely, I'm really looking forward to
> someone coming up with a brilliant, simple way of doing this. AFAIK
> the only way to do it would be 2-stage verification - verify the
> djb-verifier, and if it checks out, then run it on the binary. This
> isn't any worse then the current setup. It's just a giant PITA,
> because you'd have to maintain a small-scale fork to a package that is
> *very* widely used.
>
> -Peter
