On Wed, May 24, 2000 at 01:40:11PM +0100, Zak Kipling wrote: > If someone breaks into your system, he/she could change /usr/lib/tripwire > itself... isn't this just as much of a problem, except in the unlikely > event that /usr/lib is hardware write-protected while /bin is not.
Well, that was the intent. The database should be stored on a read only location. Note, however, that this is by no means completely secure since an intruder could simply umount /usr/lib/tripwire and create the files in this dir anew. It is, however, a solution for some remote changes. If an intruder gets a root account he/she can do whatever he/she wants to your machine. Michael -- Michael Meskes Michael@Fam-Meskes.De Go SF 49ers! Go Rhein Fire! Use Debian GNU/Linux! Use PostgreSQL!