![]() If you just wanna test it you may run it directly. When using checkroot first make sure that your rpm is not compromised at best by booting from a CD. The tool fetches the master keys stored in the gpg-pubkey package on every run so that you will either need internet access or an installation strictly bounded to offline resources like your install-DVD. However this either requires a fully updated system or will otherwise not work for external repos like Packman. If you do not trust some of the keys (the private keys could have been stolen) you can choose to re-download the header of every installed package by the -n option. If the verification of the header fails the tool can re-download a fresh header (slower than just having to access the hard disk). The good thing about this tool is that it verifies the header with the public key prior to acessing the md5sum list in the header. To prevent this the header of all packages are signed by a private gpg-key/fingerprint. ![]() However a cracker can modify these md5sum lists along with the files he has modified. ![]() The tool works like the following: On your hard disk md5sum lists for all files belonging to packages installed via rpm are stored in your rpm database so that it should be possible to detect file alterations. Otherwise we can not assimilate and re-distribute your changes here at Ĭross reference: checkroot for Debian and Ubuntu *** more up to date read this *** Please sign our Contributor License Agreement if you want to contribute code. Verify your download with software/SHA512SUMS.signed.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |