runmd5sumlist

Data Type

List

Description

The runmd5sumlist variable contains a list of MD5 checksum values. By default, runmd5sumlist is an empty list. Populate it by running the Endpoint Privilege Management for Unix and Linux utility program pbsum -m <file names>, which generates application and file MD5 checksum values.

Use MD5 checksum values to determine if the target files or applications have changed by establishing baseline checksum values and then comparing those baseline checksum values against a checksum that is generated during security policy file processing. If the checksum value that was generated during security policy file processing does not match any of the values in runmd5sumlist, then the file or application has changed since generation of the baseline checksum, and Endpoint Privilege Management for Unix and Linux refuses to run it.

Application MD5 checksum values can be used to determine if a virus has infected an application or if the file has been changed.

There is no read-only version of this variable.

This run variable does not apply to pbssh. If it is present in the policy, it does not have any effect on pbssh and is ignored.

Syntax

runmd5sumlist = list of checksum values;

Valid Values

A list of string that represents MD5 checksum values generated by pbsum -m <file names>. The default value is empty, which specifies no checksum checking.

runmd5sumlist={"478cd2ea4b868c459d3fcd3132b00853",
"38a0b33c1f5fa6a2ababf0ce386a2494"};

For more information, please see the following: