[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Eternal 'good file hashes' list



On Tue, Oct 20, 2009 at 10:20:17AM +0200, Tomas Mraz wrote:

> What would this be good for? Actually for some files it would be a known
> bad file hashes because these files (binaries or scripts) would contain
> known vulnerabilities and so knowing that you have a file that was once
> included in Fedora does not guarantee you almost anything.

Having a hash list of well known files might also help in forensics
analysis to find suspicious files. Also with determining the correct RPM
NVR one could use the repo metadata to check wether there are known
vulnerabilities for certain files or just to detect that the file is not
from an uptodate RPM.

Regards
Till

Attachment: pgpncYblauAiL.pgp
Description: PGP signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]