Przemek Klosowski <[email protected]> writes:
> On 01/22/2010 11:11 AM, Ralf Corsepius wrote:
> >> Does it really mandate polluting /usr/bin and thus $PATH?
> OK, I see, you don't object to the checksums in principle, just to the
> location of the files. I don't believe that FIPS requires a specific
> location for the checksums---it's just that they are to be found
> somewhere. I can see two possible solutions:
> - fipscheck looks for the checksum in some standard location, for
> instance /lib/lib64/hmac/usr/bin/xyz, similar to how it was done in RHEL5
> - we find a way to stick the checksum in the executable itself, either
> by being clever about computing a checksum that will agree with the
> executable AFTER the checksum is written in (I have no idea how to do
> that) or by excluding the checksum field from the checksum calculation.

I'm far from an expert in this, but I thought the intent of the FIPS
standard here was to check the executables against some *separately
stored* validation information. Standard or not, your second suggestion
seems rather pointless --- an embedded checksum is 100% useless from any
security perspective, since someone who could modify the file could
change the checksum too. (I'm assuming it's just a checksum and not
any sort of digital signature.)

The separate /lib directory tree seems the way to go, to me. That way
the checksum files could be named the same as what they check, no magic
needed.

regards, tom lane
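
The separate-tree layout discussed in this thread, as an added example that is not part of the original messages and is not fipscheck's own code: the reference HMAC is stored under a parallel directory, at the same relative path and name as the file it checks. The key, the store directory and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import tempfile
from pathlib import Path

# Assumption for this example only: a fixed, constructed key.
KEY = b"constructed-example-key"

def hmac_of(path: Path) -> str:
    """HMAC-SHA256 over the whole file, read in chunks."""
    h = hmac.new(KEY, digestmod=hashlib.sha256)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def checksum_path(store: Path, target: Path) -> Path:
    """Map /usr/bin/xyz to <store>/usr/bin/xyz: same name, separate tree."""
    p = target.resolve()
    return store / p.relative_to(p.anchor)

def record(store: Path, target: Path) -> None:
    out = checksum_path(store, target)
    out.parent.mkdir(parents=True, exist_ok=True)
    out.write_text(hmac_of(target) + "\n")

def verify(store: Path, target: Path) -> bool:
    ref = checksum_path(store, target)
    if not ref.is_file():
        return False  # a missing reference value is a failure, not a pass
    return hmac.compare_digest(ref.read_text().strip(), hmac_of(target))

def demo():
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        store = root / "hmac"              # hypothetical checksum tree
        binary = root / "usr" / "bin" / "xyz"
        binary.parent.mkdir(parents=True)
        binary.write_bytes(b"\x7fELF constructed sample contents")
        record(store, binary)
        intact = verify(store, binary)
        # The file changes but the separately stored value does not.
        binary.write_bytes(b"\x7fELF modified sample contents")
        modified = verify(store, binary)
        unrecorded = verify(store, root / "usr" / "bin" / "other")
        return intact, modified, unrecorded

if __name__ == "__main__":
    print(demo())
```

The check is only as strong as the separation: the store has to be protected independently of the files it covers.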