Either Service should check manager binary and Manager all other binaries or Service should check all binaries and not start the Manager at all if signature / hash does not check out.
For the second option the Service will need to process the config file as well, so it might be easier to go with the first option
Either Service should check manager binary and Manager all other binaries or Service should check all binaries and not start the Manager at all if signature / hash does not check out. For the second option the Service will need to process the config file as well, so it might be easier to go with the first option