On Thu, Sep 09, 2010 at 01:46:34PM -0700, Darren Reed wrote:
> Should RFEs for pkg go into bugzilla or bugster?
>
> I think I can see two separate RFEs here:
>
> - being able to specify the source of the information used to
>   verify the package manifests (and installed data) rather than
>   rely on /var/pkg. That could be either in another BE, a DVD
>   or over the network.
>
> - being able to specify the root directory under which the
>   package manifests are found that need to be verified.
>   That allows you to boot from a DVD/BE and do "pkg verify"
>   from your hashes against what's in the other directory.
>
> Together that would potentially let you boot from a 149 DVD
> and verify a 147 install against the server used to install the
> packages from.
>
> Any other RFEs in this?

I don't know about additional RFEs, but I think it would help if you could refine the use case you had in mind. If you want to boot from a CD/DVD and verify the contents of a compromised system, that's actually a different problem than using a selectable set of trust anchors to verify manifests in an alternate BE. There's an additional set of metadata that is used to determine what's installed; it's not just the presence of a manifest. If you want to actually verify a compromised system, we'll need to save a snapshot of this metadata on the read-only media.

IMO, the case for verifying compromised systems duplicates functionality already implemented in bart(1) and tripwire, but I'm willing to listen to reasonable arguments to the contrary.

-j
