[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: md5sums files

Wouter Verhelst, 2010-03-03 03:06:20 +0100 :


> In this day and age of completely and utterly broken MD5[0], I think
> we should stop providing these files, and maybe provide something else
> instead.  Like, I dunno, shasums? Or perhaps gpgsigs? But stop
> providing md5sums.
> Or is it useful to be able to say "if it doesn't check out, it's
> certainly corrupt, and if it does check out, it may be corrupt"?
> Didn't think so.

It is useful.  Not too efficient against attacks, I'll grant you, but
there are other use cases.  One of those I run into from time to time,
as maintainer of servers with webapps, is that I want to know from time
to time if there have been local changes in installed files when
compared to the (already custom) packages, so I can have a look and
integrate the changes into the next version of the custom packages.  The
suggestion of having dpkg warn me on upgrade is interesting, but to be
proactive I'm happy to run debsums on my own before the deployment
stage.  Because when you're in a deployment rush and one of the files
lacks a semicolon and breaks the whole app, you just $EDITOR
/usr/share/.../foo.php; some other times, your client messes with their
CSS files locally, and you don't want to be grumbled at if you lose that
change, even if you (and the client) know that the change *should* have
been done in the packages in the first place.

  I'm quite okay with replacing or complementing the md5sums with
something stronger if it helps with security, but removing them
altogether… please no.

Roland Mas

La menace de la baffe pèse plus lourd que la baffe elle-même.
  -- in Sri Raoul le petit yogi (Gaudelette)

Reply to: