Prebinding and checksums

Article:		Mac Security: Identifying Changes to the File System
Subject:		Prebinding and checksums
Date:		2005-10-08 03:21:11
From:		peterhickman
Response to: Prebinding and checksums
The checksum utilities assume a file is just a collection of bytes and process the whole of the file. I know of no checksum utility that examines the structure of a file to decide what data to use for the checksum and what to exclude. To be honest I can think of very few uses of such a tool. Although prebinding could alter a binary it has not shown itself in the months that I have been using this script and installing updates and new applications. As I do the checks daily I will see what has changed and have a pretty good idea of what has been installed / updated from the last check. Of course if I get rooted on the same day as I install a major system upgrade then I will probably miss it.

View All RSS Feeds >

800-889-8969 or 707-827-7019
Monday-Friday 7:30am-5pm PT
©2011, O'Reilly Media, Inc.
All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners.