Re: md5sums
debsums is used for md5sums generated *before* generating the .deb. They
will detect any tampering attempts or any other accidents in the whole
packaging in and out process. Its an attempt to guarantee that the files
are the way they were on the *maintainers* system.
tripwire adds md6sums *after* installing a .deb and a virus infected
system could already have modified files.
On 1 Dec 1998, Manoj Srivastava wrote:
> Hi,
> >>"Joey" == Joey Hess <joey@kitenet.net> writes:
>
> Joey> What do people here think about changing policy to reccommend
> Joey> that packages contain a md5sums file? The big reason to add it
> Joey> to policy is to make the tools that use it (debsums, mainly)
> Joey> more useful, so they can begin to work on all packages.
>
> Could you refresh my memory about what exactly does debsums
> do? How is it different from tripwire? I know we are not doing this
> for install-security, since pgp-sgned md5sums provide security
> there.
>
> manoj
> --
> I have learned To spell hors d'oeuvres Which still grates on Some
> people's n'oeuvres. Warren Knox
> Manoj Srivastava <srivasta@acm.org> <http://www.datasync.com/%7Esrivasta/>
> Key C7261095 fingerprint = CB D9 F4 12 68 07 E4 05 CC 2D 27 12 1D F5 E8 6E
>
>
> --
> To UNSUBSCRIBE, email to debian-policy-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
Reply to:
- Follow-Ups:
- Re: md5sums
- From: Jason Gunthorpe <jgg@ualberta.ca>
- Re: md5sums
- From: Manoj Srivastava <srivasta@wgolden-gryphon.com>
- References:
- Re: md5sums
- From: Manoj Srivastava <srivasta@wgolden-gryphon.com>