Security advisory e-mail
Les Mikesell
lesmikesell at gmail.com
Tue Sep 4 13:09:05 UTC 2007
Dave Burns wrote:
> There are some people who would like to both keep track of what files
> have changed on their systems (with tripwire or aide, etc.) and
> install security (and only security) updates. Doing a general yum
> update makes this practically infeasible, since several hundred files
> that tripwire tracks will likely change with every update.
I'm not sure that makes much sense with a bleeding-edge distro like
fedora where the bugfix updates are often essential for operation.
> Perhaps there is an opportunity for a new tool here, one that
> integrates yum and tripwire so that a yum update would not cause
> tripwire to generate 500 alerts. Or maybe people who care about
> tracking this stuff should just update stuff with security
> implications.
Yes, something that ran rpm to verify the files tripwire identifies as
changed before complaining about them might work.
--
Les Mikesell
lesmikesell at gmail.com
More information about the users
mailing list