also sprach Bernhard R. Link <firstname.lastname@example.org> [2005.01.03.1055 +0100]: > Are you trying to say "You even get an alarm if the malfunction has > only hit metadata and no important data yet". metadata? We are talking about MD5 sums, and yes, it does not really matter whether the bit flip is in the data or the hash... or can you tell which one actually changed? > > md5sums is not supposed to guard against broken > > hardware, the only cause I see for such bitflips. > > I do not know why you know what it is supposed to do. I also do not > care what it is supposed to do. I'm concerned what it is useful for. > And it is definitly useful. An integrity checker does the job in a better way -- if used properly. And I would be very happy to hear of a good reason for debsums other than helping you figure out which files in /usr or /lib you modified, as the admin -- which you should not do anyway. > > If the md5sum of the DEB file validates against the Packages index, > > the package is valid. > > Hurray, downloading all installed .deb's, verifying their md5sum, > comparing the files against installed versions is still very slow > on a modern computer connected with 100MBit to the local mirror > (containing even all obsolete and old versions of installed packages). > Not to mention the lack of tool to do this automatically... I am failing to see your point. -- Please do not send copies of list mail to me; I read the list! .''`. martin f. krafft <email@example.com> : :' : proud Debian developer, admin, user, and author `. `'` `- Debian - when you have better things to do than fixing a system Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver!
Description: Digital signature