Re: experimental system for per-file checksums
'Ian Jackson wrote:'
>
>It seems to me that Klee's proposal fails to achieve its stated
>purpose, to protect a machine from internal tampering, because it is
>unable to protect the software which would do the verification or the
>public keys used to verify the certificates. If these can be stored
>off-line it seems to me that it might make sense just to store all the
>md5sums off-line.
Eurika! Isn't that the way tripwire does it? Perhaps sysadmins who
care about this level of security should rely on the tool that works:
tripwire. And leave dpkg to do what it does best: install and manage
software.
So far I haven't been convinced of anything more than marketing value
re: checksums included in .deb's.
But Ian explains it (and understands it) so much better than me.
--
Christopher J. Fearnley | Linux/Internet Consulting
cjf@netaxs.com, cjf@onit.net | UNIX SIG Leader at PACS
http://www.netaxs.com/~cjf | (Philadelphia Area Computer Society)
ftp://ftp.netaxs.com/people/cjf | Design Science Revolutionary
"Dare to be Naive" -- Bucky Fuller | Explorer in Universe
Reply to: