Re: [Help-bash] bash suitable for parsing big files?

From: adrelanos
Subject: Re: [Help-bash] bash suitable for parsing big files?
Date: Fri, 13 Sep 2013 04:33:28 +0000

Matthew Cengia:
>>> Ultimately, it comes down to "What are you really trying to do?"
>>
>> Imagine you are using $linux-distribution on hdd and you want to check
>> the integrity of your system. You're booting from USB or DVD, which
>> you assume to be clean of backdoors, while you're not so sure your hdd
>> contains a backdoor.
>>
>> The script I am writing looks at what files are installed, downloads the
>> package from $linux-distribution's repositories and compares them with
>> the ones on the disk. Finally, it reports which were modified and which ones
>> could not be verified (because they are not in a package, auto generated
>> files, etc.). [And more.] I am doing such a thing, just not to verify a
>> hdd, but to verify a virtual machine image.
>>
>> Code:
>>
>>
>> Function:
>> parse_dpkg_status_file
>>
> This is what debsums is for:

debsums is a fine tool, but not the right tool for this job. It's fine for
checking integrity, but not for checking for malware. It uses weak hash sums
and its manpage acknowledges "[...] is of limited use as a security
tool. [...]" It only works within the system and not in another root
folder. (Well, you could use chroot, but then you would use untrusted
binaries.) Debsums also lacks a feature to make a list of the files it
hasn't verified because they are not owned by any package.
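
The comparison discussed in this message, as an added example that is not part of the original post and is not the poster's script: it hashes the files under an alternate root with SHA-256, using only the booted system's tools, and reports modified, missing and unowned files. The manifest format (`sha256sum` output over freshly unpacked packages) and the names `verify_root` and `build_sample` are assumptions; GNU `find`, `sort`, `xargs` and `sha256sum` are required.

```bash
#!/bin/sh
# verify_root ROOT MANIFEST
# MANIFEST holds "sha256  ./path" lines (assumed: sha256sum run over the
# contents of freshly downloaded, unpacked packages). Only tools from the
# booted system run; nothing under ROOT is executed, so no chroot is needed.
# Names containing newlines or backslashes are escaped by sha256sum and
# would need unescaping before comparison; this example does not do that.
verify_root() {
    root=$1 manifest=$2
    actual=$(mktemp) || return 1
    # Hash every regular file under ROOT (NUL-delimited for odd file names).
    (cd "$root" && find . -type f -print0 | sort -z | xargs -0 -r sha256sum) > "$actual"
    awk '
        { hash = substr($0, 1, 64); path = substr($0, 67) }  # hash, 2 separator chars, path
        FILENAME == ARGV[1] { want[path] = hash; next }      # trusted manifest
        { seen[path] = 1 }
        !(path in want)     { print "UNOWNED  " path; next } # owned by no package
        want[path] != hash  { print "MODIFIED " path }
        END { for (p in want) if (!(p in seen)) print "MISSING  " p }
    ' "$manifest" "$actual" | sort
    rm -f "$actual"
}

# Constructed sample: "pristine" stands in for unpacked packages,
# "suspect" for the mounted disk or virtual machine image.
build_sample() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/pristine/bin" "$d/suspect/bin" "$d/suspect/etc"
    printf 'ls v1\n'  > "$d/pristine/bin/ls"
    printf 'ls v1\n'  > "$d/suspect/bin/ls"          # unchanged
    printf 'ps v1\n'  > "$d/pristine/bin/ps"
    printf 'ps v2\n'  > "$d/suspect/bin/ps"          # content differs
    printf 'cat v1\n' > "$d/pristine/bin/cat"        # absent from suspect
    printf 'x\n'      > "$d/suspect/etc/machine-id"  # auto-generated, unowned
    (cd "$d/pristine" && find . -type f -print0 | sort -z | xargs -0 sha256sum) > "$d/manifest"
    echo "$d"
}

sample=$(build_sample) || exit 1
verify_root "$sample/suspect" "$sample/manifest"
rm -rf "$sample"
```

Files that match the manifest produce no output, so an empty report means every file under the root was verified. Symlinks, ownership and permissions are not compared.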

