Date:      Fri, 15 Sep 2000 11:08:21 -0700 (PDT)
From:      "Jason C. Wells" <jcwells@nwlink.com>
To:        Lowell Gilbert <lowell@lowellg.ne.mediaone.net>
Cc:        freebsd-chat@FreeBSD.ORG
Subject:   Re: Tripwire vs. Mtree
Message-ID:  <Pine.SOL.3.96.1000915110608.12381A-100000@utah>
In-Reply-To: <44og1p5yy5.fsf@lowellg.ne.mediaone.net>

On 15 Sep 2000, Lowell Gilbert wrote:

> Remember, there's a chicken-and-egg problem:  if your system is
> compromised, you can't trust its mtree executable to detect the fact.
> Even if you have a "safe" copy of the executable, you can't trust the
> system's standard libraries, because those may have been compromised too.
> 
> If you had a statically linked version of mtree on the floppy where you
> keep the checksums, mtree would be roughly as good as tripwire, although
> not as convenient, and certainly the tripwire option to build a standalone
> floppy would take a bit of work to emulate.

Having never directly used either but knowing what they do, I now see that
there are "implementation" issues that have to be considered.

Thank you for the input.  I would have neglected to consider the
trustworthiness of the system libraries.

Thank you,
Jason C. Wells


