Mailinglist Archive: opensuse-security (520 mails)

Re: [suse-security] netstat-output
  • From: Volker Kuhlmann <kuhlmav@xxxxxxxxxxxxxxxxxxxxx>
  • Date: Wed, 06 Dec 2000 11:05:54 +1300 (NZDT)
  • Message-id: <200012052205.LAA21176@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
> > To verify an installed package against an RPM, use:
> >
> > rpm -Vp packagename.rpm
>
> This of course is trivial for an attacker to circumvent, the RPM database is
> not really protected at all.

That's why it may be an excellent idea to back up the rpm database
on floppy...

> Ok that's a little better but still an attacker can beat it (replace the rpm
> binary for example).

... together with the rpm binary (which is statically linked as well
for other reasons).

While you're at it, storing md5 sums of at least all the files shown by
rpm -qal and all files in /etc is a very good idea too.

Volker
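
The checksum baseline suggested in the message above, as an added example that is not part of the original post: it hashes the files listed by `rpm -qal` plus everything under /etc, then reports what changed against a copy kept off the host. The function names and the `/mnt/floppy` path are assumptions, and SHA-256 is used in place of the MD5 sums the post mentions.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.
# SHA-256 is used here in place of the MD5 sums the post mentions.

# List every file owned by an installed package plus everything under /etc.
packaged_and_etc_files() {
    { rpm -qal; find /etc -xdev -type f; } 2>/dev/null | LC_ALL=C sort -u
}

# Read paths on stdin, write "hash  path" lines for regular files only.
make_manifest() {
    while IFS= read -r f; do
        # Symlinks are skipped: their targets are hashed under their own path.
        if [ -f "$f" ] && [ ! -L "$f" ]; then
            sha256sum -- "$f" 2>/dev/null || echo "UNREADABLE $f" >&2
        fi
    done | LC_ALL=C sort -k2
}

# compare_manifests BASELINE CURRENT: print CHANGED/MISSING/NEW lines, sorted.
compare_manifests() {
    awk '
        { h = $1; p = substr($0, length($1) + 3) }   # path may contain spaces
        FILENAME == ARGV[1] { base[p] = h; next }
        { seen[p] = 1 }
        !(p in base)  { print "NEW " p; next }
        base[p] != h  { print "CHANGED " p }
        END { for (p in base) if (!(p in seen)) print "MISSING " p }
    ' "$1" "$2" | LC_ALL=C sort
}

# Typical use, with /mnt/floppy standing in for the removable medium (assumed path):
#   packaged_and_etc_files | make_manifest > /mnt/floppy/baseline.sha256
#   packaged_and_etc_files | make_manifest > /tmp/now.sha256
#   compare_manifests /mnt/floppy/baseline.sha256 /tmp/now.sha256
```

As the thread notes for the rpm binary, the hashing tools on a suspect host can themselves be replaced, so the comparison is only trustworthy when the tools and the baseline both come from the removable medium.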
