Checksums Done Right
scott at cse.ucdavis.edu
Mon Jul 2 00:19:38 UTC 2007
> Yes, if you're already running in a virtualised environment then
> providing a mechanism for checking the system makes sense. I'm just not
> sure it's a compelling reason to move from a non-virtualised system to a
> virtualised system.

Indeed. I don't expect an integrity scanner like CDR to be *the* reason
people start using virtuali[sz]ation. There are already enough compelling
reasons to use it (and to stay away for that matter). As an admin with the
budget to purchase halfway decent hardware and spend some time on design
it makes my life much easier, so I prefer it.

> so you should be able to scan the filesystem from the
> dom0 without shutting it down

Yes, at least until rootkits hide themselves in memory like I described
before.

> or using LVM.

Yes, but beware of staleness due to disk caching. Of course an LVM
snapshot is by definition stale.

Scott