Security advisory e-mail

[Les Mikesell]

Dave Burns wrote:
> There are some people who would like to both keep track of what files
> have changed on their systems (with tripwire or aide, etc.) and
> install security (and only security) updates. Doing a general yum
> update makes this practically infeasible, since several hundred files
> that tripwire tracks will likely change with every update.

I'm not sure that makes much sense with a bleeding-edge distro like 
fedora where the bugfix updates are often essential for operation.

> Perhaps there is an opportunity for a new tool here, one that
> integrates yum and tripwire so that a yum update would not cause
> tripwire to generate 500 alerts. Or maybe people who care about
> tracking this stuff should just update stuff with security
> implications.

Yes, something that ran rpm to verify the files tripwire identifies as 
changed before complaining about them might work.

-- 
   Les Mikesell
    lesmikesell at gmail.com