Re: md5sums
On Tue, 1 Dec 1998, Christoph Lameter wrote:
> debsums is used for md5sums generated *before* generating the .deb. They
> will detect any tampering attempts or any other accidents in the whole
> packaging in and out process. Its an attempt to guarantee that the files
> are the way they were on the *maintainers* system.
>
> tripwire adds md6sums *after* installing a .deb and a virus infected
> system could already have modified files.
Including the md5sum files :> It is no safer to generate and include the
hashes then it is to have the hashes generated on the fly. Both are
equally susceptible to all sorts of attacks
Jason
Reply to:
- References:
- Re: md5sums
- From: Christoph Lameter <christoph@lameter.com>