FC12: Hidden files in /usr/bin/*

Tomas Mraz tmraz at redhat.com
Fri Jan 22 16:24:40 UTC 2010

On Fri, 2010-01-22 at 17:08 +0100, Martin Langhoff wrote: 
> On Fri, Jan 22, 2010 at 5:04 PM, Tomas Mraz <tmraz at redhat.com> wrote:
> > No, it does not prevent malicious attacker from subverting the
> > executable. The integrity check prevents just inadvertent modification
> > of the executables/libraries which contain the certified code.
> Like prelink? ;-)

Yes, for example. That's why prelink must be disabled when the machine
is running in the FIPS compliant mode.

Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
                                              Turkish proverb

More information about the devel mailing list