This is the mail archive of the
systemtap@sourceware.org
mailing list for the systemtap project.
Re: Need some security advice for systemtap
- From: fche at redhat dot com (Frank Ch. Eigler)
- To: Tomasz Chmielewski <mangoo at wpkg dot org>
- Cc: fedora-security-list at redhat dot com, Systemtap List <systemtap at sources dot redhat dot com>
- Date: 05 Jun 2007 11:08:59 -0400
- Subject: Re: Need some security advice for systemtap
- References: <4664691E.7010803@redhat.com> <466522FF.8080801@wpkg.org>
Tomasz Chmielewski <mangoo@wpkg.org> writes:
> Am I right? Is it security based on md5sum? [...]
> http://www.cits.rub.de/MD5Collisions/
Indeed.
md5 was just a "for sake of argument" possibility. We can go with a
different or even multiple hashes. Or, if hashes are deemed
untrustworthy in some particular installation,
/etc/systemtap/authorized_probes could contain copies of the probe
modules in their entirety rather than their hashes.
- FChE