Re: debsums for maintainer scripts

To: Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>
Cc: Debian Devel <debian-devel@lists.debian.org>
Subject: Re: debsums for maintainer scripts
From: Anthony DeRobertis <asd@suespammers.org>
Date: Thu, 4 Dec 2003 12:18:14 -0500
Message-id: <[🔎] D846D151-267D-11D8-BBF9-00039317863E@suespammers.org>
In-reply-to: <[🔎] 87ptf5cp3b.fsf@mrvn.homelinux.org>
References: <[🔎] 8765h0mzk1.fsf@mrvn.homelinux.org> <[🔎] 3FCB50A2.90907@beamnet.de> <[🔎] 20031201161124.GA21059@complete.org> <[🔎] 20031201170828.GA17611@zombie.inka.de> <[🔎] 20031201184317.GA1760@mail.schiach.de> <[🔎] 20031201185609.GA14602@cattlegrid.net> <[🔎] 20031201201152.GF17282@mails.so.argh.org> <[🔎] 20031201221236.GA23983@cattlegrid.net> <[🔎] 87brqqb3oa.fsf@glaurung.green-gryphon.com> <[🔎] 1070491251.18244.136.camel@bohr.local> <[🔎] 87ptf5cp3b.fsf@mrvn.homelinux.org>

On Dec 3, 2003, at 21:07, Goswin von Brederlow wrote:


You can just as well just check all the debs. gunzip doesn't take
longer, the slowest thing usually is the cdrom.

True, so I should probably just put the md5sums files on my CD, andcheck those. That'd be far faster.

I could even put the md5sums on a floppy, they're small. Or md5sums forall packages, even.

Actually, I think the biggest benefit of md5sums is that whileattackers certainly could modify them, often they don't. While passingdebsums certainly can't prove the integrity of a system, debsumsfailing can certainly prove the lack of integrity.


And they do help when you suspect hardware troubles, too.

Reply to:

Follow-Ups:
- Re: debsums for maintainer scripts
  - From: Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>

References:
- Revival of the signed debs discussion
  - From: Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>
- Re: Revival of the signed debs discussion
  - From: Thomas Viehmann <tv@beamnet.de>
- Re: Revival of the signed debs discussion
  - From: John Goerzen <jgoerzen@complete.org>
- debsums for maintainer scripts (was: Re: Revival of the signed debs discussion)
  - From: Eduard Bloch <edi@gmx.de>
- Re: debsums for maintainer scripts (was: Re: Revival of the signed debs discussion)
  - From: Michael Ablassmeier <abi@grinser.de>
- Re: debsums for maintainer scripts (was: Re: Revival of the signed debs discussion)
  - From: christophe barbe <christophe@cattlegrid.net>
- Re: debsums for maintainer scripts (was: Re: Revival of the signed debs discussion)
  - From: Andreas Barth <aba@not.so.argh.org>
- Re: debsums for maintainer scripts (was: Re: Revival of the signed debs discussion)
  - From: christophe barbe <christophe@cattlegrid.net>
- Re: debsums for maintainer scripts
  - From: Manoj Srivastava <srivasta@debian.org>
- Re: debsums for maintainer scripts
  - From: Anthony DeRobertis <asd@suespammers.org>
- Re: debsums for maintainer scripts
  - From: Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>

Prev by Date: Re: Bits from the RM
Next by Date: Re: [RFC] adding system users: which is the best way??
Previous by thread: Re: debsums for maintainer scripts
Next by thread: Re: debsums for maintainer scripts
Index(es):
- Date
- Thread