From owner-freebsd-security Fri Jun 20 13:11:24 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id NAA21938 for security-outgoing; Fri, 20 Jun 1997 13:11:24 -0700 (PDT) Received: from eyelab.psy.msu.edu (eyelab.psy.msu.edu [35.8.64.179]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id NAA21929 for ; Fri, 20 Jun 1997 13:11:17 -0700 (PDT) Received: from graphics ([35.8.110.12]) by eyelab.psy.msu.edu (8.8.5/8.8.5) with SMTP id QAA23288 for ; Fri, 20 Jun 1997 16:02:51 -0400 (EDT) Message-Id: <3.0.2.32.19970620160012.008d12c0@eyelab.msu.edu> X-Sender: root@eyelab.msu.edu X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.2 (32) Date: Fri, 20 Jun 1997 16:00:12 -0700 To: freebsd-security@FreeBSD.ORG From: Gary Schrock Subject: Re: Attempt to compromise root In-Reply-To: <25515.866830848@time.cdrom.com> References: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-security@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk At 11:20 AM 6/20/97 -0700, you wrote: >> (2) Can we get an option during the FreeBSD install to generate the >> md5/mtree digest? Naturally, I read up on this feature after the > >You mean of the exact tree you've installed? Hmmmm. There are >the foo.mtree files in each distribution, but is there some reason >why that wouldn't be enough? The bin.mtree file in particular >pretty much covers any of the binaries you'd probably be interested >in... During the install might not be as usefull as during the make world process. I know I've put together the mtree information for systems that I look after, and having to do it anytime I update a file is a little annoying (in general I forget to update it until the nightly run is done and it complains that things are different than what it expects). Another possiblity (and I don't know how practical this might be), is to incorporate mtree into the normal nightly security check. Gary Schrock root@eyelab.msu.edu