22816 – Ability to verify binaries compiled by portage.

Bug 22816 - Ability to verify binaries compiled by portage.

Summary: Ability to verify binaries compiled by portage.

Status:	RESOLVED WORKSFORME

Alias:	None

Product:	Portage Development
Classification:	Unclassified
Component:	Enhancement/Feature Requests (show other bugs)
Hardware:	All Linux

Importance:	High enhancement (vote)
Assignee:	Nicholas Jones (RETIRED)

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2003-06-14 07:45 UTC by Abri le Roux
Modified:	2011-10-30 22:35 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Abri le Roux 2003-06-14 07:45:46 UTC

I think it would be nice to have an option for portage to generate an md5sum or 
simmilar for all of the binaries that it compiles.  
 
Uses for this would be to check (with a command, such as eg. 'emerge verify')  if any of 
the program executables have been modified since they were created, thus letting you 
detect rootkits etc. 

Reproducible: Always
Steps to Reproduce:
1.
2.
3.

Comment 1 Nicholas Jones (RETIRED) gentoo-dev

2003-06-14 10:56:56 UTC

Most rootkits add ld.so.hash and others to intercept md5sums... So that
really won't help _too_ much. Check out 'qpkg gcc -v -c' though as it
does do what you want. MD5s are kept for everything merged.