Re: And now for something completely different... etch!

To: debian-devel@lists.debian.org
Subject: Re: And now for something completely different... etch!
From: Russ Allbery <rra@stanford.edu>
Date: Wed, 15 Jun 2005 13:10:57 -0700
Message-id: <[🔎] 87wtov4bzi.fsf@windlord.stanford.edu>
In-reply-to: <[🔎] 1118833175.23816.95.camel@icampbell-debian> (Ian Campbell's message of "Wed, 15 Jun 2005 11:59:34 +0100")
References: <[🔎] 20050606230311.GA25820@dat.etsit.upm.es> <[🔎] 20050609235810.GA17482@kitenet.net> <[🔎] 200506120824.09528.russell@coker.com.au> <[🔎] 200506120038.32560.fjp@debian.org> <[🔎] 1118796150.22287.58.camel@localhost.localdomain> <[🔎] 20050615083145.GE14860@saruman.uio.no> <[🔎] 20050615090949.GB2970@mauritius.dodds.net> <[🔎] 20050615104558.GA4857@country.grep.be> <[🔎] 1118833175.23816.95.camel@icampbell-debian>

Ian Campbell <ijc@hellion.org.uk> writes:

> I might be talking out of my arse (99% probability ;-)) but I thought
> I'd heard that it was possible to store the pre-linking information
> separately to the binaries, under /var/cache or something for example.

> Am/was I imagining things?

One of the points of the md5sum verification is to ensure that the
binaries haven't been tampered with.  If one can tamper with the binaries
by modifying some file in /var/cache instead, doesn't that just
reintroduce the same problem?

-- 
Russ Allbery (rra@stanford.edu)             <http://www.eyrie.org/~eagle/>

Reply to:

Follow-Ups:
- Re: And now for something completely different... etch!
  - From: Olaf van der Spek <olafvdspek@gmail.com>
- Re: And now for something completely different... etch!
  - From: Ian Campbell <ijc@hellion.org.uk>
- Re: And now for something completely different... etch!
  - From: Steve Langasek <vorlon@debian.org>

References:
- And now for something completely different... etch!
  - From: Javier Fernández-Sanguino Peña <jfs@computer.org>
- Re: And now for something completely different... etch!
  - From: Joey Hess <joeyh@debian.org>
- Re: And now for something completely different... etch!
  - From: Russell Coker <russell@coker.com.au>
- Re: And now for something completely different... etch!
  - From: Frans Pop <fjp@debian.org>
- Re: And now for something completely different... etch!
  - From: Gustavo Noronha Silva <kov@debian.org>
- Re: And now for something completely different... etch!
  - From: Petter Reinholdtsen <pere@hungry.com>
- Re: And now for something completely different... etch!
  - From: Steve Langasek <vorlon@debian.org>
- Re: And now for something completely different... etch!
  - From: Wouter Verhelst <wouter@debian.org>
- Re: And now for something completely different... etch!
  - From: Ian Campbell <ijc@hellion.org.uk>

Prev by Date: Re: linking to libssl makes non free?
Next by Date: Re: And now for something completely different... etch!
Previous by thread: Re: And now for something completely different... etch!
Next by thread: Re: And now for something completely different... etch!
Index(es):
- Date
- Thread