Re: proposed release goal: DEBIAN/md5sums for all packages
Peter Samuelson <peter@p12n.org> writes:
> I'd opt for dpkg generating the checksums upon _extracting_ the .deb
> file. We already claim that the md5sums file isn't supposed to be any
> kind of security thing. Why bother to ship it? It is redundant
> information which can easily be regenerated on the user's system.
While it's not the be-all and end-all of security, other OS vendors (Sun
in particular) have found it useful to make available a central database
of MD5 checksums of known-good versions of various binaries. This has
proven invaluable in not a few breakins and compromises when doing
forensics. Since we have such a database essentially for free now in the
form of the md5sums control files, I'd rather not take an approach that
gets rid of it, even if it isn't a horribly effective security measure.
--
Russ Allbery (rra@debian.org) <http://www.eyrie.org/~eagle/>
Reply to: