On Jun 16, 2009, at 2:03 PM, Alan Coopersmith wrote: >> Ideally, I'd like to see: >> >> 1. list of headers without version info (generated by compiler, put >> into .o) > > You could even have the compiler save the SHA-1 checksum of the > header, so > that if it is from an IPS delivered package, you could retrieve the > matching > version from IPS. (Though, chek with the IPS team about whether > they're > staying with SHA-1 or moving to another hash method for identifying > files.)
We'll likely move to a different hash algorithm in the future. However, it does seem useful to have a quick way to determine if a particular file on a system has been modified since it was delivered, and that we could reasonably expose. In combination with knowing the package version, you would know what had been delivered and if it had been changed. Cheers, -- Shawn Walker
