Martin Pala <address@hidden> writes:
Problem is, that mtime can easily be modified (for example by unix
'touch' command). Its not big problem for intruder to mangle this
value.
I know, I was think appart from mangling that it could be a good
idea.
Anyway, given Thomas and your's objections about changing the checksum
feature which, BTW I agree with - I wasn't thinking about mangling. I
think the best thing is to leave the checksum function as is.
Because if a user choose to checksum a file he will probably want to
pay the extra penalty the test takes in CPU cycles. I mean, for a
program like monit, correctness is more important than speed.
+1 for not changing the checksum function