Marking Ubuntu GNOME as Invalid as that's just far too broad.
Marking debsums and dpkg as Wontfix because debsums is not intended to be a security tool:
debsums is intended primarily as a way of determining what
installed files have been locally modified by the administrator or damaged by media errors and is of limited
use as a security tool.
If you are looking for an integrity checker that can run from
safe media, do integrity checks on checksum databases and can
be easily configured to run periodically to warn the admin of
changes see other tools such as: aide, integrit, samhain, or
tripwire.
I suspect the list of suggested programs in the last sentence may need some modification due to the passage of time.
debsums is not suitable for determining malicious modifications of the filesystem. An attacker in a position to modify packaged files can likely also replace debsums itself, any libraries that debsums may use, the database of hashes, perhaps even kernel mechanisms that would hide the effects of modified filesystems.
debsums is meant to help discover locally-modified programs and it serves that purpose well even with md5.
Thanks
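
The argument in the comment above, as an added example that is not part of the original comment and is not debsums code: a checker that trusts a hash list stored on the same host reports nothing once both a file and its list entry are replaced, while a checker that first compares the list against a digest kept off the host notices the swap. The function names, the temporary directory tree and the pinned SHA-256 are constructed for illustration, and the checker itself is assumed to run from safe media.

```python
import hashlib, os, tempfile

def parse_md5sums(text):
    """Parse dpkg-style lines: '<md5hex>  <relative/path>'."""
    entries = {}
    for line in text.splitlines():
        if line.strip():
            digest, path = line.split(None, 1)
            entries[path.strip()] = digest
    return entries

def changed_files(root, manifest_text):
    """Local-manifest check: trust the hash list as found, report mismatches."""
    bad = []
    for rel, want in parse_md5sums(manifest_text).items():
        try:
            with open(os.path.join(root, rel), "rb") as f:
                got = hashlib.md5(f.read()).hexdigest()
        except OSError:
            got = None  # missing or unreadable counts as changed
        if got != want:
            bad.append(rel)
    return sorted(bad)

def verify_with_pin(root, manifest_text, pinned_sha256):
    """Refuse a manifest whose digest differs from the one kept off the host."""
    if hashlib.sha256(manifest_text.encode()).hexdigest() != pinned_sha256:
        return "manifest-tampered", []
    bad = changed_files(root, manifest_text)
    return ("files-changed" if bad else "ok"), bad

def demo():
    """Constructed scenario: a file and its manifest entry are both replaced."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "usr/bin"))
        target = os.path.join(root, "usr/bin/tool")
        with open(target, "wb") as f:
            f.write(b"original\n")
        manifest = hashlib.md5(b"original\n").hexdigest() + "  usr/bin/tool\n"
        pin = hashlib.sha256(manifest.encode()).hexdigest()  # recorded off-host
        with open(target, "wb") as f:
            f.write(b"modified\n")
        local_only = changed_files(root, manifest)  # list untouched: detected
        forged = hashlib.md5(b"modified\n").hexdigest() + "  usr/bin/tool\n"
        return local_only, changed_files(root, forged), verify_with_pin(root, forged, pin)

if __name__ == "__main__":
    print(demo())
```

The pin only protects the hash list; as the comment notes, a host whose kernel or libraries have been replaced can still misreport file contents to any checker running on it.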