On Thu, Jul 9, 2009 at 5:12 PM, Jakub Jelinek <jakub@xxxxxxxxxx> wrote:
Yes I know that rpm do this. But other centralizzated integrity checker, perhaps for portability between posix platform, at max permit to skip the check - OSSSEC for example iirc do this - on prelinked binary.
regards
On Thu, Jul 09, 2009 at 05:07:05PM +0200, yersinia wrote:That's what prelink -y is for, it verifies the binary would prelink from
> But something one have to pay a security prize on not disabling it : it
> render impossible to have a
> centralizzated security integrity management (e.g. rfc.sf.net for example)
> or one have to skip from check the prelink binary. Very bad i think.
unprelinked state to bitwise same file and gives you the bits before
prelinking, which you can use for verification.
rpm -V uses this, why can't other security integrity apps do the same?
Yes I know that rpm do this. But other centralizzated integrity checker, perhaps for portability between posix platform, at max permit to skip the check - OSSSEC for example iirc do this - on prelinked binary.
regards
Jakub
--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
-- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
