advertisement

Article:
  Mac Security: Identifying Changes to the File System
Subject:   check out ctool
Date:   2005-10-08 09:28:07
From:   peterhickman
Response to: check out ctool

Interesting, but as the page states it cannot be used to verify an executable. However you could use the normal checksum to flag up that something has changed and then use ctool to show if the changes were just in the prebinding or the actual code itself.


The package itself is available from Darwin Ports at [http://packages.opendarwin.org/Tiger-Packages/ctool-1.2.3.mpkg/].


Having said that I have yet to find prebinding changes to be a problem. But it is good to know that there is a solution should it be needed. Thanks for bringing it up.