Wire tripped
jludwig
wralphie at comcast.net
Thu Oct 6 23:50:01 UTC 2005
On Thursday 06 October 2005 08:58, Scot L. Harris wrote:
> On Thu, 2005-10-06 at 08:45, Bill Perkins wrote:
> > > I believe you can use rpm to validate the files on your system. rpm is
> > > prelink aware. Check the verify option of rpm. If that shows things
> > > don't match up then you have a system that may have been compromised.
> >
> > I'll take a look into that. What is 'prelink'?
> >
> >
> > Most are executables, some libraries as well (in /usr/lib, openoffice, a
> > bunch of others).
>
> Prelink is used to modify ELF shared libraries and ELF dynamiclly linked
> binaries to reduce startup time. Check out the man page for prelink to
> get more details.
>
> The changes you describe are consistent with prelink.
You could try something like;
--> rpm -vV -a > /root/rpm_verify
Then try less the file /root/rpm_verify.
More information about the fedora-list
mailing list