[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: md5sums files

On 2010-03-03, Neil Williams <codehelp@debian.org> wrote:
> Changing to SHA won't help. I'm for ditching all md5sums from packages.
> It's not a lot of disc space gained but it does give a false sense of
> security or 'insurance' if you want to avoid the more formal meaning of
> 'security'.

Please don't.  It's not about security.  It's about being able to detect
corruption.  Also it is very helpful when recovering from ext4 root FS
corruption after a sudden power loss.  Sure, you cannot guarantee that
the md5 store isn't corrupted too but if it isn't then debsums is

Kind regards,
Philipp Kern

Reply to: