[3021] in RedHat Linux List
Re: RPM clobbers files
daemon@ATHENA.MIT.EDU (Tim Baverstock)
Wed Nov 6 15:42:50 1996
From: Tim Baverstock <warwick@mmm.co.uk>
Date: Wed, 6 Nov 1996 20:40:53 GMT
To: redhat-list@redhat.com
Resent-From: redhat-list@redhat.com
Reply-To: redhat-list@redhat.com
Donnie Barnes <djb@redhat.com> wrote:
>> I can think of no file which should not be preserved by default if it
>> fails to match its signature in the RPM database - even binaries and
>> logfiles - with the singular exception of cache files or other transients.
>
> Well, that's just where we disagree. By your way, if someone hacks your
> system, puts their own copy of /bin/bash on the system, and you then upgrade
> your copy of bash, the hacked one remains. It may be nice to *keep* the
> file, but *not* leave it in place.
My obfuscation: I meant in an .rpmsave. `Preserved' as in `pickled'. :)
> Also, you lose alot of RPM performance. You'd have to md5 every single file.
> Waiting on that to happen on your X server would suck. Waiting on it for
> emacs would suck worse.
Oh, that certainly would be unacceptable. How about weaker checks against
post-installation copies of file modification time, inode number, length,
etc? Not useful for aggressive security but likely sufficient in deciding
whether to make an .rpmsave.
If some hacker replaced /bin/bash for instance, the worst they could do to
this aspect of the RPM system would be to determine whether or not
/bin/bash.rpmsave.961106aaaa should be created upon reinstallation of
/bin/bash. Considering that they've just replaced /bin/bash, this is
unlikely to be the first thing on their minds. :)
Some bleah quickie suggestions as alternatives to keeping a new database:
Set modification to epoch.
Set modification's microseconds to 1,000,000.
>> --saveall could instruct RPM to make .rpmsaves of any files which don't
>
> We're probably going to implement a --keepconfigs to do that with config
> files.
'Kay. Perhaps config files could have `This is a config file' in a comment,
in the first line or so? At the very least, this could help while writing
%config: grep -li 'This is a config file' `find -type f`
> Everything that should *change* should be marked as a config file. If
> you update, you get a .rpmsave on all those.
It's the `should be marked' bit I'm a little antsy about, I suppose.
Please, don't get me wrong: I firmly believe RPM is one of the very best
features of the exceptional RedHat system; it's just that the thought of a
config file disappearing is almost enough to make me start doing regular
backups. ;)
Menthol cigarettes all round, guys: you're doing great!
.----------------------------------. mailto:warwick@mmm.co.uk
! Tim Baverstock, IP Network Admin ! http://www.mmm.co.uk [/~warwick]
`----------------------------------' plan:"Level 1 RFC1149 compliance."
--
PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
________________________________________________________________________
http://www.redhat.com/RedHat-FAQ http://www.redhat.com/RedHat-Errata
http://www.redhat.com/RedHat-Tips http://www.redhat.com/mailing-lists
------------------------------------------------------------------------
To unsubscribe: mail -s unsubscribe redhat-list-request@redhat.com < /dev/null
