Date: Sat, 2 Dec 1995 23:33:07 +1100 From: Bruce Evans <bde@zeta.org.au> To: jkh@time.cdrom.com, msmith@atrad.adelaide.edu.au Cc: rdugaue@calweb.com, security@freebsd.org Subject: Re: ****HELP***** Message-ID: <199512021233.XAA09388@godzilla.zeta.org.au>
next in thread | raw e-mail | index | archive | help
>> > Jordan; how hard would it be to generate a file with the md5's of a stock >> > release system's "standard binaries" for this sort of thing? >> >> Probably not too hard. Let me think about it. You'd want a file >> for each distrib, probably. mtree -c -k md5digest -p / >/safe/all.md5 Bug: when run by non-root, this exits when it hits the unreadable file sper4.036. It's as bad as wc :-(. Worse bug: when run by root, this exits when it hits an unreadable file in /proc. Some regular files aren't. >And a script somewhere for checking it? Should we perhaps start looking at >a SCO-like "perms" setup? Is this something that the security and ISP >people would smile happily upon? mtree -p / </safe/all.md5 >(ie. a distribution-wide listing of md5's, permissions and ownerships, >burnt onto the release CD for security's sake 8) mtree -c -k md5digest,mode,uid,gid -p / >/safe/all.md5 Bruce
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199512021233.XAA09388>