[Feature Request] Calculate a checksum for each whitelisted executable (original) (raw)

Hi there,

First of all, let me say a big thank you for this awesome program! It seems to be working well and I love it!

I think that it would be greatly improved if it calculates a checksum for each file that is in the whitelist.
Why? Because a malicious application can replace a whitelisted program with itself in order to avoid detection.

For example: Let's say that /usr/bin/ping is whitelisted, if a malware overwrites ping the malicious ping that resides in the same path is whitelisted as well.

All of this can be avoided if we compare the malicious ping's checksum with the checksum of the "good" ping that we got when it was whitelisted.

I know that this may complicate things when an application gets updated (thus the checksum changes), but we can add this as an option in the menu for users that want an additional level of security.

Thanks for reading so far and please let me know your thoughts below :)