Re: debsums for maintainer scripts
On Dec 3, 2003, at 21:07, Goswin von Brederlow wrote:
You can just as well just check all the debs. gunzip doesn't take
longer, the slowest thing usually is the cdrom.
True, so I should probably just put the md5sums files on my CD, and
check those. That'd be far faster.
I could even put the md5sums on a floppy, they're small. Or md5sums for
all packages, even.
Actually, I think the biggest benefit of md5sums is that while
attackers certainly could modify them, often they don't. While passing
debsums certainly can't prove the integrity of a system, debsums
failing can certainly prove the lack of integrity.
And they do help when you suspect hardware troubles, too.