Re: md5sum proposal
I "second" the objection. I think, that while the md5sum may not do harm
(although if you're relying on it for security reasons you may be
believing files that have been changed) -- I think we need to put more
thought into this (as suggested: tripwire, juliet filesystem, etc) for
many other reasons.
BR
On 17 May 1999 at 15:27, Manoj Srivastava wrote about "Re: md5sum proposal":
> Hi,
> >>"Peter" == Peter S Galbraith <GalbraithP@dfo-mpo.gc.ca> writes:
>
> >> After some file system crash or any other seasons I'd like to check
> >> which files are corrupted, i.e. by 'debsums' tool.
>
> Peter> This reason alone is enough. I second the motion.
>
> Why reinvent the wheel and further bloat the packjaging
> system? Tripwire does this just fine. And I would rather we wrote a
> standalone file monitoring system that took into account my
> modifications of config files in /etc (which can't be put into the
> package, since I do modify the files).
>
> When it comes to security, half bakes solutions are worse than
> none at all. Debsums do not provide any security when it comes to
> package integrity checking, or protection against breaches, and they
> leave exposed the most critical parts of the system -- the config
> files.
>
> I think I object to this proposal on technical grounds.
>
> manoj
>
--
Brock Rozen brozen@torah.org
Director of Technical Services (410) 602-1350
Project Genesis http://www.torah.org/
Reply to: