Re: md5sums files

To: debian-devel@lists.debian.org
Subject: Re: md5sums files
From: Philipp Kern <trash@philkern.de>
Date: Wed, 3 Mar 2010 08:34:27 +0000 (UTC)
Message-id: <[🔎] slrnhos7oj.qn5.trash@kelgar.0x539.de>
Reply-to: phil@philkern.de
References: <[🔎] 20100303020620.GA17083@celtic.nixsys.be> <[🔎] slrnhos0g9.nfa.nospam@sshway.ssh.pusling.com> <[🔎] 20100303073518.GB19228@glandium.org> <[🔎] 20100303082909.f287eea1.codehelp@debian.org>

On 2010-03-03, Neil Williams <codehelp@debian.org> wrote:
> Changing to SHA won't help. I'm for ditching all md5sums from packages.
> It's not a lot of disc space gained but it does give a false sense of
> security or 'insurance' if you want to avoid the more formal meaning of
> 'security'.

Please don't.  It's not about security.  It's about being able to detect
corruption.  Also it is very helpful when recovering from ext4 root FS
corruption after a sudden power loss.  Sure, you cannot guarantee that
the md5 store isn't corrupted too but if it isn't then debsums is
helpful.

Kind regards,
Philipp Kern

Reply to:

Follow-Ups:
- Re: md5sums files
  - From: Iustin Pop <iusty@k1024.org>

References:
- md5sums files
  - From: Wouter Verhelst <wouter@debian.org>
- Re: md5sums files
  - From: Sune Vuorela <nospam@vuorela.dk>
- Re: md5sums files
  - From: Mike Hommey <mh@glandium.org>
- Re: md5sums files
  - From: Neil Williams <codehelp@debian.org>

Prev by Date: Re: md5sums files
Next by Date: Re: md5sums files
Previous by thread: Re: md5sums files
Next by thread: Re: md5sums files
Index(es):
- Date
- Thread