Re: Security Run Output

In reply to: Odhiambo Washington : "Re: Security Run Output"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Kurt Hackenberg <kh_at_panix.com>
Date: Sun, 26 Mar 2023 16:14:13 UTC

On Sun, Mar 26, 2023 at 03:32:57PM +0300, Odhiambo Washington wrote:

>On Sun, Mar 26, 2023 at 3:18 PM Gerard E. Seibert <jerry@seibercom.net>
>wrote:
>
>> For quite some time now, I have been receiving a warning message of
>> 1025 packages with mismatched checksums in the daily "Security Run
>> Output" email. They are all prefixed with "py39-"
...
><quote>
>
>pkg check -r or pkg check --recompute recalculates and sets the checksums
>    of installed packages. This command should only be used when the admin-
>    istrator has made modifications that invalidate a package checksum.
>    Spontaneous checksum problems can indicate data or security problems.
>
></quote>

Mismatched checksums are a bad sign -- "can indicate data or security 
problems." It would be good to find out why the checksums don't match 
the package contents.

Maybe the checksums are correct, but the package contents are wrong. In 
that case, resetting the checksums wouldn't fix anything; it would only 
hide the problem.