On Wed, 2014-03-19 at 01:00 -0700, Wolfgang S. Rupprecht wrote:
> Patrick O'Callaghan <pocallaghan@xxxxxxxxx> writes:
> > On Sun, 2014-03-16 at 15:04 -0700, Wolfgang S. Rupprecht wrote:
> >> A clever intruder is just going to wait until a batch of changes goes
> >> out and then add their trojan.
> >
> > Of course you check the hash signatures on those downloads, right?
>
> Yes, but in a haphazard, infrequent manner. The whole point of
> me installing rkhunter was to automate detection of trojans. If I'm
> going to have to check the hashes myself, what is rkhunter bringing to
> the party?

Your earlier comment was about a possibly trojaned rkhunter. The way to
guard against that is by checking the hash of the checker. You don't
have to check every hash, but if you aren't checking the hash of
rkhunter itself, the whole exercise is more about feel-good security
than real security. Same applies to any security checking tool.

poc
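One way to script the "hash of the checker" step from the reply above, as an added example that is not part of the original thread. The function name `verify_sha256` and the sample file are assumptions made for illustration, and the reference digest is assumed to come from a source other than the download itself.

```shell
#!/bin/sh
# Added example: compare a tool's archive or binary against a SHA-256 digest
# obtained out of band, and fail closed on anything unexpected.

# verify_sha256 FILE EXPECTED_HEX   (hypothetical helper name)
# Returns 0 on an exact match, 1 on a mismatch, 2 on unusable input.
verify_sha256() {
    file=$1
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')

    # Accept only exactly 64 hex digits, so an empty or truncated reference
    # value can never be treated as a valid digest.
    case $expected in
        *[!0-9a-f]*) return 2 ;;
    esac
    [ "${#expected}" -eq 64 ] || return 2
    [ -f "$file" ] && [ -r "$file" ] || return 2

    actual=$(sha256sum < "$file" | cut -d' ' -f1) || return 2
    [ "$actual" = "$expected" ]
}

# Constructed sample: a stand-in "download" containing the three bytes "abc",
# whose SHA-256 digest is the standard test-vector value below. A real check
# would use the tool's own archive and its published digest.
sample=$(mktemp)
printf 'abc' > "$sample"
good=ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad

if verify_sha256 "$sample" "$good"; then
    echo "sample: digest matches"
fi

printf 'x' >> "$sample"    # simulate a modification after the digest was published
if ! verify_sha256 "$sample" "$good"; then
    echo "sample: MISMATCH, do not run this file"
fi
rm -f "$sample"
```

A check like this only means something if the script and `sha256sum` are themselves run from a system or medium that is trusted independently of the host being examined.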