Please add support for signed database and config files #7
Comments
|
I think this is, indeed, a really relevant feature to prevent an attacker from simply editing the hashes in the database to evade detection. Here is where I got a little confused: You seem to have removed the code implementing this feature with commit f93408c but I couldn't figure out why. Could you please explain? Will this feature return to AIDE in the future? |
|
@l-e-e-o The code was unmaintained and incompatible with other changes in the Having said that, one can detect a tampered database by comparing the checksums of the used databases in the reports (provided the aide binary is unchanged). I'm curious about your use case for signed databases/config files. How do you ensure that an attacker has not tampered with the AIDE binary? |
|
you can take an example of the implementation of the data signature function from the program Tripwire |
Please add support for signed database and config files. The public key used for signature verification should either be configurable exclusively at compile-time or at run-time via a config option.
The text was updated successfully, but these errors were encountered: