Re: are md5sums mandatory for all packages?
Hi,
All right, I think I a beginning to agree. Maybe dpkg *should
have integrity checking (as well as permission and ownership being
recorded record [in the .list file maybe?] -- like a ls -al listing)
If per file mdsums are to be recorded, then maybe hte too
should be pgp-signed (possibly by dpkg at package build time,
possibly a detached signature).
manoj
--
"Sometimes you have to be a harsh cookie editor." Karl
Manoj Srivastava <srivasta@acm.org> <http://www.datasync.com/%7Esrivasta/>
Key C7261095 fingerprint = CB D9 F4 12 68 07 E4 05 CC 2D 27 12 1D F5 E8 6E
Reply to: