Eternal 'good file hashes' list

Ralf Ertzinger fedora at camperquake.de
Tue Oct 20 17:45:53 UTC 2009


Hi.

On Tue, 20 Oct 2009 19:37:39 +0200, nodata wrote

> It sounds like a solution looking for a problem to me.

Well, the problem is being able to determine whether the files on
your system have been compromised, which seems like a sensible idea
to me.

> Here's a better idea:
> 
> * Host the config files for each package online, retrievable by rpm
> name and version of the package. This would allow diffs between what
> is on the server and what was in the package.

Or even better: keep the (compressed) config files in the RPM database.
They're usually small and text, so the disk space used would not be
all that great.

Yes, I've wished for that in the past, too.




More information about the fedora-devel-list mailing list