Just remember, it suffers the same weakness as everything else - rpm
can be hacked up as easily as anything else. Olaf is right, once
you've been compromised, booting and comparison against read-only
media is really your only "provable" way of finding out what got hit.
> A medium without modification possibilities (like ROM or CD-ROM)
> or a trusted server should be used to store the signatures or a master
> signature over the files containing the signatures.
...and the rpm binary...and the kernel...and an initrd...and... ;-)
Adam
--
Things look so bad everywhere      Adam D. Bradley      artdodge@cs.bu.edu
In this whole world what is fair     Boston University Computer Science
We walk blind and we try to see          Ph.D. student and Linux hacker
Falling behind in what could be  ---->  Bring me a Higher Love  ---->  <><