Re: Trust in the Debian Build Process
Marc Singer <elf@netcom.com> writes:
>...read errors on the system drive corrupt system binaries until
>unexplained errors are noticed by the operator.
>
>The first step to a solution is to sign or checksum the system
>binaries. ITO that this is quite easy. I'm planning to start with a
>checksum, test it, and then add signing.
Doesn't the debsums package do most of this already?
- Jim Van Zandt
Package: debsums
Priority: optional
Section: utils
Installed-Size: 20
Maintainer: Christoph Lameter <clameter@debian.org>
Architecture: all
Version: 1.0
Replaces: debmake
Depends: dpkg-dev
Filename: dists/unstable/main/binary-i386/utils/debsums_1.0.deb
Size: 4166
MD5sum: f58b8bdb7e23743957fca3f01ddd092a
Description: Tools to handle md5sums for installed packages
This package contains instructions and the tools for having packages
generate md5sums for all their files as also done by the debstd
script of debmake. The package also contains a script to generate
md5sum files for debian packages which do not install an md5sum
file. The md5sum will be generated after the package is installed by
invoking debsums_gen.
.
The package also allows comparing the md5sums in a .deb file with the
current installed files by extracting the md5sums file from the .deb
Reply to: