FC12: Hidden files in /usr/bin/*
Jarod Wilson
jarod at wilsonet.com
Fri Jan 22 17:10:27 UTC 2010
On Fri, Jan 22, 2010 at 11:23 AM, Garrett Holmstrom
<gholms.fedora at gmail.com> wrote:
> On Fri, Jan 22, 2010 at 10:11 AM, Ralf Corsepius <rc040203 at freenet.de> wrote:
>>> - in some circumstances (government, regulated companies) encryption
>>> must be certified to the FIPS 140-2 standard
>>
>> I don't know this "standard".
>>
>> May-be this "fips standard" collides with the FHS, may-be this standard
>> is defective?
>>
>> Do you have a pointer/reference to this "standard"? Does it really
>> mandate pollution /usr/bin and thus $PATH?
>
> FIPS 140-2 is a US government standard for crypto system security.
> Its full text is available at
> http://csrc.nist.gov/groups/STM/cmvp/standards.html if you're
> interested.
>
> I have no idea if it actually requires them to be alongside the
> executables, but hopefully the link will help.
It doesn't. Also, ugh. I'm the one who actually reviewed hmaccalc to
get included in Red Hat Enterprise Linux 5 (a separate review from the
Fedora one), and pointed out this same problem, and it was done
properly for RHEL5:
$ rpm -ql hmaccalc
/usr/bin/sha1hmac
/usr/bin/sha256hmac
/usr/bin/sha384hmac
/usr/bin/sha512hmac
/usr/lib64/hmaccalc
/usr/lib64/hmaccalc/sha1hmac.hmac
/usr/lib64/hmaccalc/sha256hmac.hmac
/usr/lib64/hmaccalc/sha384hmac.hmac
/usr/lib64/hmaccalc/sha512hmac.hmac
/usr/share/doc/hmaccalc-0.9.6
/usr/share/doc/hmaccalc-0.9.6/LICENSE
/usr/share/doc/hmaccalc-0.9.6/README
/usr/share/man/man8/sha1hmac.8.gz
/usr/share/man/man8/sha256hmac.8.gz
/usr/share/man/man8/sha384hmac.8.gz
/usr/share/man/man8/sha512hmac.8.gz
It should be simple enough to just update the Fedora packages with the
changes in RHEL5 and we can all go eat cake. But first, I'm going to
go play some pickup soccer...
--
Jarod Wilson
jarod at wilsonet.com
More information about the devel
mailing list