Re: New monit web-interface

[Martin Pala]

Jan-Henrik Haukeland wrote:
> Martin Pala <address@hidden> writes:
>
>
> > Problem is, that mtime can easily be modified (for example by unix
> > 'touch' command). Its not big problem for intruder to mangle this
> > value.
>
>
> I know, I was think appart from mangling that it could be a good
> idea. 
>
> Anyway, given Thomas and your's objections about changing the checksum
> feature which, BTW I agree with - I wasn't thinking about mangling. I
> think the best thing is to leave the checksum function as is. 
>
> Because if a user choose to checksum a file he will probably want to
> pay the extra penalty the test takes in CPU cycles. I mean, for a
> program like monit, correctness is more important than speed.
>
> +1 for not changing the checksum function

Agree,

when checksum will depend on time, it will be fast useless => when the 
performance is the issue, it will be better to not enable checksum (as 
you described). In the case that checksum depends on time it can only be 
useful against "dumb" intruders.

+1 for not changing the checksum function

Martin