Omri Schwarz [mailto:ocschwar@xxxxxxx] said: > Hi, all, I'm wondering if this was done yet, or if the script > needs to be written, one that will check incoming .hdr files to > know which file on a system are about to be over-written for a > Yum update, and then tells Tripwire to update those files and > those files only. Doesn't it kind of defeat the security of tripwire to automate database updates? Scenario: Cracker gets in, modifies your /etc/yum.conf to point to his own repository, downloads a root kit in RPM form, and you never know about it because tripwire did what I think you're describing here. Magnus Hedemark Linux Network Admin TruePosition, Inc. Office 610-680-1133 FAX 610-680-1199
