Isn't it a security risk, that there
is a shellscript in bin that executes /usr/lib/tripwire.
If someone breaks into my system, he/she could
change the file in bin to something that always
reports that nothing was changed!
I think this should be changed.
What do you think?
--
Thomas Guettler
On Wed, 24 May 2000, Thomas Guettler wrote:
Isn't it a security risk, that there
is a shellscript in bin that executes /usr/lib/tripwire.
If someone breaks into my system, he/she could
change the file in bin to something that always
reports that nothing was changed!
If someone breaks into
Zak Kipling wrote:
On Wed, 24 May 2000, Thomas Guettler wrote:
Isn't it a security risk, that there
is a shellscript in bin that executes /usr/lib/tripwire.
If someone breaks into my system, he/she could
change the file in bin to something that always
reports that nothing was
Hi !
is a shellscript in bin that executes /usr/lib/tripwire.
If someone breaks into my system, he/she could
change the file in bin to something that always
reports that nothing was changed!
If someone breaks into your system, he/she could change /usr/lib/tripwire
itself... isn't this
Hi,
Um, you don't need a kernel patch for that. Just the immutable bit and the
`lcap' program/package to make that immutable bit permanent. (Of course
you will need to set immutability on inittab and anything called from
there, so that it can't be changed during boot, allowing the script kiddie
On Wed, May 24, 2000 at 03:10:48PM +0200, Thomas Guettler wrote:
this is not unlikely, that's the way it should be according
to the READMEs.
Oops, forgot that I wrote it down there. :-)
With ztripwire the database and the binaries fit onto a 1.44MB floppy,
which
But only if your database is
On Wed, May 24, 2000 at 01:40:11PM +0100, Zak Kipling wrote:
If someone breaks into your system, he/she could change /usr/lib/tripwire
itself... isn't this just as much of a problem, except in the unlikely
event that /usr/lib is hardware write-protected while /bin is not.
Well, that was the
Michael Meskes wrote:
On Wed, May 24, 2000 at 03:10:48PM +0200, Thomas Guettler wrote:
this is not unlikely, that's the way it should be according
to the READMEs.
Oops, forgot that I wrote it down there. :-)
ah, you are the maintainer of it. Cool. BTW there is a typo
in ztripwire, which
In message [EMAIL PROTECTED], Thomas Guettler writes:
Michael Meskes wrote:
With ztripwire the database and the binaries fit onto a 1.44MB floppy,
which
But only if your database is rather small. I ran out of space sometimes.
yes, i exclude /home and /dev and directories containing docu.
9 matches
Mail list logo
