Re: debsums for maintainer scripts
On Thu, 04 Dec 2003 17:36:16 +0100, Thomas Viehmann <firstname.lastname@example.org> said:
> Manoj Srivastava wrote:
>> Before we make such a push, we should at least ensure that it is
>> something we really want to do. I think locally generated checksums
>> are a better solution.
> To me, the main use of md5sums seems to be verifying nothing bad (as
> in accident, not malicious manipulation) happened to the extracted
> files. md5sums included in the packages do that even earlier than
> those generated.
What kind of accident? Files lost? We already have a list of
files for files being deleted, and having hashes of the files helps
not -- you need to download the deb to get them back Permissions
changed or owner changed? chesum hashes do not help there. How often
have you had a mass corruption as an accident? What exactly is the
use case we are solving here?
And do you not think that each of you women is an Eve? The judgment
of God upon your sex endures today; and with it invariably endures
your position of criminal at the bar of justice. Tertullian,
second-century Christian writer, misogynist
Manoj Srivastava <email@example.com> <http://www.debian.org/%7Esrivasta/>
1024R/C7261095 print CB D9 F4 12 68 07 E4 05 CC 2D 27 12 1D F5 E8 6E
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C