[vox-tech] possible rooted system / checking md5sum on debian

vox-tech@lists.lugod.org vox-tech@lists.lugod.org
Tue, 8 Oct 2002 00:25:49 -0400


On Sun, Oct 06, 2002 at 10:14:41AM -0700, Peter Jay Salzman wrote:
> is there any automated way to check md5sums of all packages that provide
> binaries for debian packages?

yes.
  debsums.

#Description: Verify installed package files against MD5 checksums.
# debsums can verify the integrity of installed package files against
# MD5 checksums installed by the package, or generated from a .deb
# archive.

  But keep in mind this is a check of the installed files against the
md5 checksums which shipped in the .debs you installed.  So if someone
broke a mirror site and replaced the .debs there and changed the 
.sums file in the bogus .debs this check will be useless.


  If you are after checking the package gnupg signatures and tracing
down to the binaries that you have installed to verify that you have
the correct things... well that isn't implemented yet.  Hopefully
next Debian release... see the following url for more details.

http://www.linuxsecurity.com/docs/harden-doc/html/securing-debian-howto/ch7.en.html