[Aide] Security question.
andy baxter
andy at earthsong.free-online.co.uk
Mon Jun 25 04:28:32 EEST 2007
Tobias Weisserth wrote:
> Hi,
>
> On Jun 25, 2007, at 2:51 AM, andy baxter wrote:
>
>
>> - check the md5sum before running aide --check
>>
>
> Which md5 binary are you using to do this? What if someone
> manipulated the md5 binary to show a specific md5 checksum after
> modifying your database?
>
> All binaries you depend on should be compiled statically and put on a
> read-only mount.
>
I am intending to put the md5sum file on the read-only floppy, compiled
statically as you say.
More information about the Aide
mailing list