Re: Checksums and file sizes
From: Bela Lubkin (belal_at_sco.com)
Date: 10/19/03
- Next message: tony_at_aplawrence.com: "Re: SCO drop loyal resellers..."
- Previous message: Ronald Marchand: "Re: Windows printing fails with Merge 5.3.7"
- In reply to: Don Williams: "Re: Checksums and file sizes"
- Next in thread: Don Williams: "Re: Checksums and file sizes"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Sat, 18 Oct 2003 23:57:22 GMT To: scomsc@xenitec.ca
Don Williams wrote:
> "Jeff Liebermann" <jeffl@comix.santa-cruz.ca.us> wrote in message
> news:0hp2pvsodh46p9b50m1ck442a6b3vjm5pn@4ax.com...
> > What problem are you trying to solve?
> >
> > Just because the checksum database doesn't agree with
> > custom -V strict
> > doesn't mean your system is toast, compromised, or rootkited. It
> > means that SCO did not do a particularly exemplary job of maintaining
> > the checksums for updates, fixes, patches, and security updates. I
> > usually look at the output and manually decide what to fix. The usual
> > broken symlinks occupy most of my time. These are tricky as they may
> > be two versions of the same program or two divergent copies of the
> > same configuration file. I look at the permissions and ownership, and
> > only tweak files that are obviously wrong or insecure. Anything with
> > SUID and GUID gets my immediate attention. Other than that, I do
> > nothing and leave the rest alone.
> >
> > >So, what to do? I think the list it is comparing to is out of date but
> > >don't know how to fix it.
> >
> > Do you want to fix the checksum list or the files? What are you
> > trying to fix?
> >
> > >The system works fine,
> >
> > If it works, leave it alone. If it's not broken, you're not trying
> > hard enough.
> Jeff, at some point I would like to fix the list since the files seem O.K.
> and the system is running.
>
> As I said above, I think the list is out of date because of file changes.
> That's why I was asking where the list is stored and how it could be edited.
>
> For now everything is great, as indicated above so I'll leave things as they
> are.
Let me try to explain this again...
`custom -V strict` compares your system's _modified_ files to the
_original_ files shipped with the distribution. It's _supposed_ to
point out files that you've changed. You could use this if, for
instance, you were going to install a completely new system and wanted
to manually copy over (or compare) the files you had changed on the old
system. It is the wrong tool to use if you want to ask "which files
have unexpected (anomalous) changes?"
`custom -V thorough` is the command you're looking for. Even so, do not
blindly try to follow its output as if it were 100% correct. Every
release of OpenServer 5.0.x has had a number of symlink breaks, files
which were mistakenly listed as non-changable when in fact they were
changable, files whose ownership or permissions are naturally changable,
and things like that. The "thorough" output is a reasonable guide to
look through. It is not gospel.
>Bela<
- Next message: tony_at_aplawrence.com: "Re: SCO drop loyal resellers..."
- Previous message: Ronald Marchand: "Re: Windows printing fails with Merge 5.3.7"
- In reply to: Don Williams: "Re: Checksums and file sizes"
- Next in thread: Don Williams: "Re: Checksums and file sizes"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
