> Practically all .py modules will get turned into .pyc files and > won't match the manifests. > So any *.py file may generate a <same name>.pyc file? So if I am trying to be security conscious (anal) and track stuff so I can say, "Yeah that belongs there" or "Hey this might be part of a rootkit", this makes a big gray area, right? Is there a way I can verify that a particular .pyc comes from a .py that *is* on the manifest? Any way I can request that all .pyc's be constructed *now* so I can scan them with tripwire? Some way to deal with this other than, "Well, it has the same filename as something that belongs there"? Hmmm, it seems that all the pyc files I have that are not in the manifest are all in firstboot. Is it dangerous to uninstall firstboot? I suppose there might be a circumstanc e where I would need it. Or I could just erase the pyc files, they would be regenerated if they were needed, no? > There are also a few dynamicly created configuration and > database files floating around Fedora. Those would presumably not be executable and seem easier to cope with, though I suppose there is still an issue of when can you be sure they are all in place? And I suppose that can't be answered in general, but must be answered on a case by case basis.
