FC12: Hidden files in /usr/bin/*
Tomas Mraz
tmraz at redhat.com
Fri Jan 22 16:24:40 UTC 2010
On Fri, 2010-01-22 at 17:08 +0100, Martin Langhoff wrote:
> On Fri, Jan 22, 2010 at 5:04 PM, Tomas Mraz <tmraz at redhat.com> wrote:
> > No, it does not prevent malicious attacker from subverting the
> > executable. The integrity check prevents just inadvertent modification
> > of the executables/libraries which contain the certified code.
>
> Like prelink? ;-)
Yes, for example. That's why prelink must be disabled when the machine
is running in the FIPS compliant mode.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
More information about the devel
mailing list