On Wed, Feb 11, 2009 at 10:10 AM, Michael Holloway <mich...@thedarkwinter.com> wrote: > On Tue, 2009-02-10 at 22:14 +0000, alan c wrote: >> >> I trust it will not be long before I can feel just a little safer? >> comments welcomed. > > I think something like "distro level security" could be implemented, > where ubuntu (/rh/suse etc) maintain say an md5 list of all binaries > available from the repositories (or just the installed ones), and before > executing a file check if it exists in the hash file, and matches, and > then execute or warn.
I hope it is /not/ MD5, which has been 'cracked' for a while now ;) http://www.mscs.dal.ca/~selinger/md5collision/ In principle however, your idea would work well in practice. It's even quite possible to do today. I would like to see SELinux/AppArmour taken that little bit further too. I still refuse to run anti-virus on Linux, I *don't* need it :) Matthew. -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/