[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: debsums for maintainer scripts (was: Re: Revival of the signed debs discussion)

On Mon, 1 Dec 2003 Chad Walstrom wrote:

> md5sums and signatures are most useful in the context of installation.
> Post-installation, you cannot be guaranteed that an intrusion rootkit
> doesn't compromise the md5sum files themselves.

Sure. The MD5 sums have uses beyond install-time integrity checking,
though. I use debsums to help me decide what I need to back up - if a
file's shipped with a package and hasn't been modified, I don't back up
the file, because I already back up the fact that that package was
installed. This lets me get my whole system onto an uncompressed EXT2 FS
on DVD-RAM while still backing up the scripts, etc. that I customized.

-- Mark

Reply to: