rpm packages not part of core
Bret Hughes
bhughes at elevating.com
Wed Nov 12 16:29:27 UTC 2003
After have dinked around with a machine I upgraded from a severely
modified 7.1 install and manually installing some stuff and using apt to
install others I would like to know what I have installed that is not
part of the fedora core. More specifically I would like to know what
packages did not come from the FC1 distro itself (incase I
inadvertently over wrote /upgraded a core package.
Any thoughts on a way to approach this? I don't mind coding something
that will cruise through a rpm -qa and digging out the info, I just
don't know what info to dig with. I see this as an ongoing issue since
if I intend to use other repos seems like the likelyhood that someone
will sneak an expolit into a package that replaces a system file or
something. This assumes of course that fedora packages are safe. What
should I look for if someone were to try and spoof rpm db entries to
look like they came from fedora?
Bret
More information about the fedora-list
mailing list