
Re: apt-diff: a tool to diff filesystem content against APT



On Fri, Dec 10, 2010 at 10:30:02PM -0600, Peter Samuelson wrote:
> [Osamu Aoki]
> > As I read manpage of dh_md5sums, it states:
> >        -x, --include-conffiles
> >            Include conffiles in the md5sums list. Note that this
> > information is redundant since it is included elsewhere in debian
> > packages.
> 
> "Note that this information is redundant" - that's rich.  As though
> the entire md5sums file weren't redundant.  (I.e., could easily be
> generated at unpack time.)  People seem to hold on to their reasons
> why it's important to have these integrity checks in the .deb itself,
> not just on the installed system, but ... yeah.  Shipping md5sums of
> conffiles is only a little bit more redundant than shipping md5sums
> of the rest of the files.

IIRC, the reason md5sums of conffiles are shipped is to determine
whether they have been changed by the administrator so that dpkg knows
whether to automatically replace them with newer versions or not.  As
for integrity checks, which serve a different purpose, MD5 is completely
inadequate for this, since it is possible to generate arbitrary
collisions for it.  For integrity purposes, SHA512 would be a better
choice, or maybe SHA256 for 32-bit systems[0].

[0] On 64-bit systems, SHA512 is actually faster than SHA256.  SHA384
and SHA224 are not good choices because they are computationally
equivalent to SHA512 and SHA256 but have less security.

-- 
brian m. carlson / brian with sandals: Houston, Texas, US
+1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only
OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187

Attachment: signature.asc
Description: Digital signature
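
The distinction drawn in this message, as an added example that is not part of the original post or of dpkg: MD5 used only to tell whether an administrator edited a conffile, and a SHA-512 manifest used for integrity checking. The three-way comparison is a simplified model of dpkg's conffile handling, and the function names, return labels and sample files are constructed for illustration.

```python
# Added example: function names and return labels are hypothetical, not dpkg's.
import hashlib
import hmac
import tempfile
from pathlib import Path

def file_digest(path, algo):
    """Hex digest of a file, read in chunks so large files are not loaded whole."""
    h = hashlib.new(algo)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def conffile_action(path, recorded_md5, new_md5):
    """Change detection only: MD5 answers 'did the admin edit this file?'."""
    current = file_digest(path, "md5")
    if current == new_md5:
        return "already-current"
    if current == recorded_md5:
        return "replace"        # untouched locally, safe to take the new version
    if recorded_md5 == new_md5:
        return "keep-local"     # only the admin changed it
    return "ask-admin"          # both the admin and the package changed it

def verify_manifest(manifest_text, root):
    """Integrity check against a trusted 'sha512hex  relative/path' list."""
    problems = {}
    for line in filter(str.strip, manifest_text.splitlines()):
        expected, rel = line.strip().split(None, 1)
        target = Path(root) / rel
        if not target.is_file():
            problems[rel] = "missing"
        elif not hmac.compare_digest(file_digest(target, "sha512"), expected.lower()):
            problems[rel] = "mismatch"
    return problems

def demo():
    """Constructed sample: one conffile left alone, one edited, one deleted."""
    shipped, newer = b"port = 22\n", b"port = 22\nproto = 2\n"
    names = ("untouched.conf", "edited.conf")
    with tempfile.TemporaryDirectory() as root:
        etc = Path(root, "etc")
        etc.mkdir()
        (etc / "untouched.conf").write_bytes(shipped)
        (etc / "edited.conf").write_bytes(b"port = 2222\n")
        old, new = hashlib.md5(shipped).hexdigest(), hashlib.md5(newer).hexdigest()
        good = hashlib.sha512(shipped).hexdigest()
        manifest = "".join(f"{good}  etc/{n}\n" for n in names + ("gone.conf",))
        return [conffile_action(etc / n, old, new) for n in names], verify_manifest(manifest, root)
```

The manifest check is only as trustworthy as the manifest itself, so it has to come from a source the checked system cannot rewrite.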