Re: md5sum proposal
Hi,
>>"Peter" == Peter S Galbraith <GalbraithP@dfo-mpo.gc.ca> writes:
>> After some file system crash or any other seasons I'd like to check
>> which files are corrupted, i.e. by 'debsums' tool.
Peter> This reason alone is enough. I second the motion.
Why reinvent the wheel and further bloat the packjaging
system? Tripwire does this just fine. And I would rather we wrote a
standalone file monitoring system that took into account my
modifications of config files in /etc (which can't be put into the
package, since I do modify the files).
When it comes to security, half bakes solutions are worse than
none at all. Debsums do not provide any security when it comes to
package integrity checking, or protection against breaches, and they
leave exposed the most critical parts of the system -- the config
files.
I think I object to this proposal on technical grounds.
manoj
--
"Liberty is the mother, not the daughter, of order." Proudhon
Manoj Srivastava <srivasta@debian.org> <http://www.debian.org/%7Esrivasta/>
Key C7261095 fingerprint = CB D9 F4 12 68 07 E4 05 CC 2D 27 12 1D F5 E8 6E
Reply to: