[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Security advisory e-mail



Dave Burns wrote:
There are some people who would like to both keep track of what files
have changed on their systems (with tripwire or aide, etc.) and
install security (and only security) updates. Doing a general yum
update makes this practically infeasible, since several hundred files
that tripwire tracks will likely change with every update.

I'm not sure that makes much sense with a bleeding-edge distro like fedora where the bugfix updates are often essential for operation.

Perhaps there is an opportunity for a new tool here, one that
integrates yum and tripwire so that a yum update would not cause
tripwire to generate 500 alerts. Or maybe people who care about
tracking this stuff should just update stuff with security
implications.

Yes, something that ran rpm to verify the files tripwire identifies as changed before complaining about them might work.

--
  Les Mikesell
   lesmikesell gmail com


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]