Re: Announcing: Solaris Fingerprint Database (sfpDB) on SunSolve

[terra () DIKU DK (Morten Welinder)]

Such a database is all good and fine, but it inheritly has at
least one weakness: an attacker can install an old, but genuine
Sun binary with a security hole in it.

If you did a post mortem and found such a file, would you say
"I must have forgotten to update that file" or would you say
"There is something rotten in the State of Denmark"?

(Nevertheless, your database is obviously much better than having
nothing at all.)

Morten