Re: debsums for maintainer scripts

To: debian-devel@lists.debian.org
Subject: Re: debsums for maintainer scripts
From: Manoj Srivastava <srivasta@debian.org>
Date: Fri, 05 Dec 2003 03:51:08 -0600
Message-id: <[🔎] 87he0f4mpf.fsf@glaurung.green-gryphon.com>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] 3FCF6280.9090805@beamnet.de> (Thomas Viehmann's message of "Thu, 04 Dec 2003 17:36:16 +0100")
References: <[🔎] 8765h0mzk1.fsf@mrvn.homelinux.org> <[🔎] 3FCB50A2.90907@beamnet.de> <[🔎] 20031201161124.GA21059@complete.org> <[🔎] 20031201170828.GA17611@zombie.inka.de> <[🔎] 20031201184317.GA1760@mail.schiach.de> <[🔎] 20031201185609.GA14602@cattlegrid.net> <[🔎] 20031201194918.GA749@khazad-dum.debian.net> <[🔎] 3FCBA96E.60300@beamnet.de> <[🔎] 20031201212244.GA11014@khazad-dum.debian.net> <[🔎] 87fzg2b3r1.fsf@glaurung.green-gryphon.com> <[🔎] 3FCF6280.9090805@beamnet.de>

On Thu, 04 Dec 2003 17:36:16 +0100, Thomas Viehmann <tv@beamnet.de> said: 

> Manoj Srivastava wrote:
>> Before we make such a push, we should at least ensure that it is
>> something we really want to do. I think locally generated checksums
>> are a better solution.
> To me, the main use of md5sums seems to be verifying nothing bad (as
> in accident, not malicious manipulation) happened to the extracted
> files.  md5sums included in the packages do that even earlier than
> those generated.

	What kind of accident? Files lost? We already have a list of
 files for files being deleted, and having hashes of the files helps
 not -- you need to download the deb to get them back Permissions
 changed or owner changed?  chesum hashes do not help there. How often
 have you had a mass corruption as an accident?  What exactly is the
 use case we are solving here?

	manoj
-- 
And do you not think that each of you women is an Eve?  The judgment
of God upon your sex endures today; and with it invariably endures
your position of criminal at the bar of justice. Tertullian,
second-century Christian writer, misogynist
Manoj Srivastava   <srivasta@debian.org>  <http://www.debian.org/%7Esrivasta/>
1024R/C7261095 print CB D9 F4 12 68 07 E4 05  CC 2D 27 12 1D F5 E8 6E
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C

Reply to:

References:
- Revival of the signed debs discussion
  - From: Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>
- Re: Revival of the signed debs discussion
  - From: Thomas Viehmann <tv@beamnet.de>
- Re: Revival of the signed debs discussion
  - From: John Goerzen <jgoerzen@complete.org>
- debsums for maintainer scripts (was: Re: Revival of the signed debs discussion)
  - From: Eduard Bloch <edi@gmx.de>
- Re: debsums for maintainer scripts (was: Re: Revival of the signed debs discussion)
  - From: Michael Ablassmeier <abi@grinser.de>
- Re: debsums for maintainer scripts (was: Re: Revival of the signed debs discussion)
  - From: christophe barbe <christophe@cattlegrid.net>
- Re: debsums for maintainer scripts (was: Re: Revival of the signed debs discussion)
  - From: Henrique de Moraes Holschuh <hmh@debian.org>
- Re: debsums for maintainer scripts
  - From: Thomas Viehmann <tv@beamnet.de>
- Re: debsums for maintainer scripts
  - From: Henrique de Moraes Holschuh <hmh@debian.org>
- Re: debsums for maintainer scripts
  - From: Manoj Srivastava <srivasta@debian.org>
- Re: debsums for maintainer scripts
  - From: Thomas Viehmann <tv@beamnet.de>

Prev by Date: Re: [custom] Debian Enterprise - packages
Next by Date: Re: Revival of the signed debs discussion
Previous by thread: Re: debsums for maintainer scripts
Next by thread: Re: debsums for maintainer scripts
Index(es):
- Date
- Thread