[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: prelink: is it worth it?



On Thu, Jul 9, 2009 at 5:12 PM, Jakub Jelinek <jakub redhat com> wrote:
On Thu, Jul 09, 2009 at 05:07:05PM +0200, yersinia wrote:
> But something one have to pay a security prize on not disabling it :  it
> render impossible to have a
> centralizzated security integrity management (e.g. rfc.sf.net for example)
> or one have to skip from check the prelink binary. Very bad i think.

That's what prelink -y is for, it verifies the binary would prelink from
unprelinked state to bitwise same file and gives you the bits before
prelinking, which you can use for verification.
rpm -V uses this, why can't other security integrity apps do the same?

Yes I know that rpm do this. But other centralizzated integrity checker, perhaps for portability between posix platform, at max permit to skip the check - OSSSEC for example iirc do this - on prelinked binary.

regards


       Jakub

--


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]