Hello Pedro, hello list, * Pedro Cáliz wrote on May/03/2003:
5 - what do you think of the idea of creating and regularly running a customized shellscript that would unzip the tools plus a set of trusted binaries and then uses these instead of the always-installed ones? But that would mean i had to make special setups/'make install's, wouldn't it? and it wouldn't work with resident tools (rkdet) at all, right?
Perharps it's more easy, and more secure to run your trustred binaries from a CD. Sure anybody can't touch your code, config's, etc . ;-)
Yes, i'm aware of that this is the usual way to handle it. I just thought that a local bzip2 archive would a) be easier to handle/update and b) wouldn't require me to worry about having the correct CD in the drive at the right time... BTW, i am trying to set this up on my home-/notebook-system which i am also using for my day-to-day work, so running this machine as a dedicated firewall/router is not an option. (Basically i am doing these security things to get used to them in order to maybe later use them at work...) Cheers, Andreas -- He who laughs last is at 300 baud. -- My Public PGP Keys: 1024 Bit DH/DSS: 0x869F81BA 768 Bit RSA: 0x1AD97BA5