[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian should move away from MD5 (and at best also from SHA1) (in secure APT and friends)

Kurt Roeckx wrote:
> Andrey Rahmatullin wrote:
> > Kurt Roeckx wrote:
> > > There are also the md5sums files that are stored in the .deb file.
> > > I'm not really sure what the real use case for them is and
> > > wouldn't have a problem with them going away.
> > debsums(1) aka "what packages on my system are corrupt by a recent FS
> > failure"
> I know about debsums, I just don't find it useful.
> For the case of corruption I would either use backups or
> reinstall the whole thing.  If there is corruption it
> ussually screws up more than the files covered by the md5sums.

The use case for debsums is for *detection* of corruption.  And
neither is it a security mechanism.  But it is a useful integrity
check mechanism.


Attachment: signature.asc
Description: Digital signature

Reply to: