Re: md5sum proposal
Hi,
On Tue, May 18, 1999 at 05:23:20PM +0200, Piotr Roszatycki wrote:
>
> A few weeks ago I had a system crash. I had to check which packages was
> broken. I had to do this _quickly_ and _easly_.
> I lost a lot of time because I had to do it manually - a lot of packages
> didn't have md5sums check file.
>
> md5sums doesn't repend of dpkg. It is possible to use "3rd party" tool
> like debsums.
See, Piotr. We all agree with you that it would be great if we had a
reliable and secure tool to verify the system integrity.
We all think this should be optional, probably standard, but nevertheless I
should be able to use it or not.
Most of us think that dpkg should not be this tool, and I agree.
The real problem is that your proposal did nothing to get us closer to this
goal. Putting md5sums in the package file is probably not the way to go. A
good proposal must show where the advantages and disadvantages are, and be
convincing. Also, a good proposal always is open for alternatives, and shows
various applications. Furthermore, any solution must take into account the
diversity of systems, system administrators and file types.
We all feel that you have a point, but we also see that you can't offer a
high quality solution. If you can give us a free clone of tripwire or
something like that, we can see what we can do to integrate it into the
standard Debian distribution. As Manoj said, (I don't remember the correct
words), a half baken solution can be worse then no solution at all.
Thanks,
Marcus
--
`Rhubarb is no Egyptian god.' Debian http://www.debian.org finger brinkmd@
Marcus Brinkmann GNU http://www.gnu.org master.debian.org
Marcus.Brinkmann@ruhr-uni-bochum.de for public PGP Key
http://homepage.ruhr-uni-bochum.de/Marcus.Brinkmann/ PGP Key ID 36E7CD09
Reply to: