[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: A place to start

To: kernel-audit@nl.linux.org
Subject: Re: A place to start
From: Ray L <rayl@optitech.com>
Date: Sun, 11 Jun 2000 16:27:30 -0600
In-Reply-To: <3943D71A.FA3916B4@kalifornia.com>; from david@kalifornia.com on Sun, Jun 11, 2000 at 11:14:50AM -0700
References: <91468650040FD411A51100104B63E23123AFD8@postman.chi.navtech.com> <20000611095523.E19971@lemuria.org> <3943D71A.FA3916B4@kalifornia.com>
Sender: owner-kernel-audit@nl.linux.org

On Sun, Jun 11, 2000 at 11:14:50AM -0700, David Ford wrote:
> If we do it section by section, it's not very hard to keep up, even with
> daily releases of kernels.  All we need to do is keep a list of when
> "drivers/net/arp.c" was last audited and the md5sum of the file.  As long as
> that md5sum doesn't change, the value of our audit remains the same as we
> placed on it.

not true in general, unfortunately.  a change in another file might prevent
arp.c from even compiling, let alone implementing correct semantics.  md5sums
are certainly valid for a large class of errors, but not all.


-- 
-----------------------------------------------------------------------------
  Ray Lehtiniemi (rayl@mail.com) (rayl@optitech.com)


Kernel-audit:  discussion list for security and the linux kernel
Archive:       http://mail.nl.linux.org/kernel-audit/

Follow-Ups:
- Re: A place to start
  - From: David Ford <david@kalifornia.com>

References:
- RE: A place to start
  - From: "Bechtolsheim, Stephan" <sbechtol@chi.navtech.com>
- Re: A place to start
  - From: Tom Vogt <tom@lemuria.org>
- Re: A place to start
  - From: David Ford <david@kalifornia.com>
- Re: A place to start
  - From: David Ford <david@kalifornia.com>

Prev by Date: Re: Starting point
Next by Date: RE: suggestion
Prev by thread: Re: A place to start
Next by thread: Re: A place to start
Index(es):
- Date
- Thread