Subject: Re: verified executable kernel modification committed
To: Brett Lymn <>
From: Perry E. Metzger <>
List: tech-security
Date: 10/30/2002 09:20:43
Brett Lymn <> writes:
> > It is?  Can't mtree do this for us now?
> Indeed it can.  It can also hold the md5/sha1/rmd160 fingerprint for
> the file too.  Is there an mtree for pkg too?
> BTW, be careful about running too far down the chflag hole, as I have
> stated in other mails there are some things that cannot be covered by
> chflags - not ever.

I'm unclear on what chflags can't do. If you chflags /bin and all its
contents immutable, no one is going to be touching the contents. If
they can touch the contents, then why couldn't they alter the md5

Perry E. Metzger