
Re: debsums for maintainer scripts



* Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de> [031204 02:46]:
> "Bernhard R. Link" <blink@informatik.uni-freiburg.de> writes:
> > I don't think so. md5-calculation is not the fastest thing (especially
> > on non-i386 it often feels like downloading and installing together
> > needs less time than the md5sum-verification).
> > So this should be switched off, but then it will be missing when one
> > needs them.
> 
> The md5sum file should be generated at build time, signed and only the
> signature kept. The signature is small enough not to cause bloat, it
> can be included in the Package file or a Signatures.gz file containing
> all signatures could be maintained in the archive.

That still adds the burden of calculating them all after installing.
I also think it is hardly possible to regenerate the .md5sums file
in a way the signature will be kept. It would need to never change
which files are included and how they are sorted. It could also
cause problems with more sophisticated Replaces and may bite with
other things I cannot even think about.

> > It's also a warm feeling to run debsums to see the broken memory chip
> > one just replaced with a working one has not caused any bit-changes
> > in the installed files. If the checksums were created at the same
> > system, one has to get them from somewhere else, so there is little
> > sense in having them generated at all.
> 
> The signature of the locally generated ones wouldn't match the one in
> the Packages or Signatures file. If the Packages/Signatures file has
> been tampered with itself (passed through bad memory) one gets a few
> false negatives but never (1:874584575... whatever the hash size is
> there) a false positive.

Only if there is a reliable way to regenerate them at installation time.
And if one decided to save the time to calculate them or save the space
by freeing the generated .md5sums file, bringing the system back in a
state where such integrity can be checked is almost equivalent to
a reinstall, while extracting the classical .md5sums file from a
package pool (local mirror, set of CDs ...) and putting them back in
place is very simple and needs far less processing power.

Respectfully,
  Bernhard R. Link

-- 
Sendmail is like emacs: A nice operating system, but missing
an editor and a MTA.
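
The regeneration problem discussed in this message, as an added example that is not part of the original post and is not debsums or dpkg code: a locally rebuilt `.md5sums`-style manifest only matches the build-time one if the file set and the sort order are identical. Assumptions: the file names and contents are constructed, and a SHA-256 digest of the manifest stands in for the signature check.

```python
import hashlib
import os
import tempfile

# Constructed sample package contents (not from any real package).
SAMPLE_FILES = {
    "usr/bin/tool": b"\x7fELF constructed binary\n",
    "usr/share/doc/tool/README": b"constructed readme\n",
    "etc/tool.conf": b"option = 1\n",
}

def md5sums_manifest(root, paths):
    """Build '<md5>  <path>' lines in exactly the order the caller gives."""
    lines = []
    for rel in paths:
        with open(os.path.join(root, rel), "rb") as fh:
            lines.append(f"{hashlib.md5(fh.read()).hexdigest()}  {rel}\n")
    return "".join(lines)

def manifest_digest(text):
    """Assumption: this digest is what the archive-side signature would cover."""
    return hashlib.sha256(text.encode()).hexdigest()

def compare_regenerations():
    """Return which locally regenerated manifests still match the build-time one."""
    with tempfile.TemporaryDirectory() as root:
        for rel, data in SAMPLE_FILES.items():
            path = os.path.join(root, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "wb") as fh:
                fh.write(data)
        canonical = sorted(SAMPLE_FILES)
        signed = manifest_digest(md5sums_manifest(root, canonical))
        variants = {
            "same_set_same_order": canonical,
            "same_set_other_order": canonical[::-1],
            "conffile_left_out": [p for p in canonical if not p.startswith("etc/")],
        }
        matches = {name: manifest_digest(md5sums_manifest(root, paths)) == signed
                   for name, paths in variants.items()}
        # Flip one bit in an installed file, as a bad memory chip might.
        with open(os.path.join(root, "usr/bin/tool"), "r+b") as fh:
            first = fh.read(1)
            fh.seek(0)
            fh.write(bytes([first[0] ^ 0x01]))
        matches["one_bit_flipped"] = manifest_digest(md5sums_manifest(root, canonical)) == signed
        return matches

if __name__ == "__main__":
    for name, ok in compare_regenerations().items():
        print(f"{name}: {'matches' if ok else 'MISMATCH'}")
```

Only the first variant matches; a reordered or reduced file list fails the check just as a real bit flip does, so the verifier cannot tell the cases apart without the original manifest.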


