On Wed, 1 Nov 2000, Steven W. Orr wrote:
> I always thought that this was one of the beauties of rpm. If you thought
> you were hacked, all you need to do is to reinstall rpm a la
>
> rpm -Uvh --force rpm-blahblah
>
> and then run
>
> rpm -Va
>
> to see if any individual files are corrupted.
>
> Am I being naive?
Yup. You can as easily replace RPM as telnetd or any other command. Make
it do a song and dance, and pretend to upgrade while really doing nothing.
Granted, only GOOD hackers will think of this, but the point is you just
don't want to trust it.
--
We sometimes catch a window, a glimpse of what's beyond
Was it just imagination stringing us along?
------------------------------------------------
Derek Martin | Unix/Linux geek
[EMAIL PROTECTED] | GnuPG Key ID: 81CFE75D
Retrieve my public key at http://pgp.mit.edu
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
