Re: md5sum proposal

To: debian-policy@lists.debian.org
Subject: Re: md5sum proposal
From: Piotr Roszatycki <dexter@fnet.pl>
Date: Tue, 18 May 1999 17:23:20 +0200 (CEST)
Message-id: <Pine.LNX.4.10.9905181707410.26004-100000@cyan.fnet.pl>
In-reply-to: <87yaimwhdk.fsf@glaurung.green-gryphon.com>

>         I have a different memory of events. This proposal was brought
>         up on this list, and was shot down because
>  a) It really provides no security.
It is not for *this* security reason (crackers, hackers and others)

>  b) It would bloat the packaging system, when it does not really solve
>     the problem
Good policy could help.

>  c) It does not address the config files, which are quite as critical
>     -- more critical, in fact, than other files, because other files
>        can be foxed by reistalling the packages from a known good
>        archive/CD 
Config files could be excluded from md5sums.

>  d) There are standalone solutions that do a good job -- though we may
>     need to work on free replacements. 
You mean free solutions?

A few weeks ago I had a system crash. I had to check which packages was
broken. I had to do this _quickly_ and _easly_. 
I lost a lot of time because I had to do it manually - a lot of packages
didn't have md5sums check file.

md5sums doesn't repend of dpkg. It is possible to use "3rd party" tool
like debsums.

-- 

Piotr "Dexter" Roszatycki
mailto:dexter@fnet.pl

Reply to:

Follow-Ups:
- Re: md5sum proposal
  - From: Peter S Galbraith <GalbraithP@dfo-mpo.gc.ca>
- Re: md5sum proposal
  - From: Marcus Brinkmann <Marcus.Brinkmann@ruhr-uni-bochum.de>
- Re: md5sum proposal
  - From: Manoj Srivastava <srivasta@debian.org>

References:
- Re: md5sum proposal
  - From: Manoj Srivastava <srivasta@debian.org>

Prev by Date: Re: logrotation
Next by Date: Re: weekly policy summary
Previous by thread: Re: md5sum proposal
Next by thread: Re: md5sum proposal
Index(es):
- Date
- Thread