Re: debsums for maintainer scripts (was: Re: Revival of the signed debs discussion)

To: debian-devel@lists.debian.org
Subject: Re: debsums for maintainer scripts (was: Re: Revival of the signed debs discussion)
From: Mark Carroll <mark@chaos.x-philes.com>
Date: Thu, 8 Jan 2004 12:28:50 -0500 (EST)
Message-id: <[🔎] Pine.LNX.4.58.0401081223530.31968@niagara.mtbc.internal>

On Mon, 1 Dec 2003 Chad Walstrom wrote:

> md5sums and signatures are most useful in the context of installation.
> Post-installation, you cannot be guaranteed that an intrusion rootkit
> doesn't compromise the md5sum files themselves.

Sure. The MD5 sums have uses beyond install-time integrity checking,
though. I use debsums to help me decide what I need to back up - if a
file's shipped with a package and hasn't been modified, I don't back up
the file, because I already back up the fact that that package was
installed. This lets me get my whole system onto an uncompressed EXT2 FS
on DVD-RAM while still backing up the scripts, etc. that I customized.

-- Mark

Reply to:

Follow-Ups:
- Re: debsums for maintainer scripts (was: Re: Revival of the signed debs discussion)
  - From: Henning Makholm <henning@makholm.net>

Prev by Date: Re: World Domination Plan - phase debtakeover
Next by Date: Re: ITH: tftpd-hpa and tftpd servers default rootdirs
Previous by thread: Re: Bug#53121: Sell or rent your timeshare
Next by thread: Re: debsums for maintainer scripts (was: Re: Revival of the signed debs discussion)
Index(es):
- Date
- Thread