mysterious files on a fedora system but not from rpm

Dave Burns tburns at hawaii.edu
Sun Nov 18 20:20:18 UTC 2007


> Practically all .py modules will get turned into .pyc files and
> won't match the manifests.
>

So any *.py file may generate a <same name>.pyc file?

So if I am trying to be security conscious (anal) and track stuff so I
can say, "Yeah that belongs there" or "Hey this might be part of a
rootkit", this makes a big gray area, right? Is there a way I can
verify that a particular .pyc comes from a .py that *is* on the
manifest? Any way I can request that all .pyc's be constructed *now*
so I can scan them with tripwire? Some  way to deal with this other
than, "Well, it has the same filename as something that belongs
there"?

Hmmm, it seems that all the pyc files I have that are not in the
manifest are all in firstboot. Is it dangerous to uninstall firstboot?
I suppose there might be a circumstanc e where I would need it. Or I
could just erase the pyc files, they would be regenerated if they were
needed, no?


> There are also a few dynamicly created configuration and
> database files floating around Fedora.

Those would presumably not be executable and seem easier to cope with,
though I suppose there is still an issue of when can you be sure they
are all in place? And I suppose that can't be answered in general, but
must be answered on a case by case basis.




More information about the users mailing list