Re: wishlist for dpkg
Previously Ulf Jaenicke-Roessler wrote:
> The point I was trying to make is that including the md5sums of control.tar.gz
> and data.tar.gz INSIDE the deb (for instance in "debian-binary") and checking
> that, would be a way to handle a corrupted package correctly by rejecting
> its installation.
No, it would not be: we already have a checksuming in the gzip data,
adding a second checksum should not be needed.
/ Nothing is fool-proof to a sufficiently talented fool \
| firstname.lastname@example.org http://www.liacs.nl/~wichert/ |
| 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0 2805 3CB8 9250 2FA3 BC2D |