diff options
Diffstat (limited to 'src/Daemon')
| -rw-r--r-- | src/Daemon/MiddleWare.cpp | 7 | ||||
| -rw-r--r-- | src/Daemon/abrt.conf | 2 |
2 files changed, 8 insertions, 1 deletions
diff --git a/src/Daemon/MiddleWare.cpp b/src/Daemon/MiddleWare.cpp index 01c3850b..ba7e0a05 100644 --- a/src/Daemon/MiddleWare.cpp +++ b/src/Daemon/MiddleWare.cpp @@ -655,6 +655,12 @@ static mw_result_t SavePackageDescriptionToDebugDump( log("Package '%s' isn't signed with proper key", packageName.c_str()); return MW_GPG_ERROR; } + /* + Checking the MD5 sum requires to run prelink to "un-prelink" the + binaries - this is considered potential security risk so we don't + use it, until we find some non-intrusive way + */ + /* if (!CheckHash(packageName.c_str(), pExecutable)) { error_msg("Executable '%s' seems to be modified, " @@ -662,6 +668,7 @@ static mw_result_t SavePackageDescriptionToDebugDump( pExecutable, packageName.c_str()); return MW_GPG_ERROR; } + */ } } diff --git a/src/Daemon/abrt.conf b/src/Daemon/abrt.conf index bffc48da..1dd994a8 100644 --- a/src/Daemon/abrt.conf +++ b/src/Daemon/abrt.conf @@ -4,7 +4,7 @@ # Checking signatures may require prelink to be run. # This has a remote possibility of breaking binaries and libraries, # and also SELinux gets unhappy about prelink trying to modify them. -OpenGPGCheck = no +OpenGPGCheck = yes # GPG keys OpenGPGPublicKeys = /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora # Blacklisted packages |