Re: md5sum proposal

[Peter S Galbraith <GalbraithP@dfo-mpo.gc.ca>]

Marcus Brinkmann wrote:

> See, Piotr. We all agree with you that it would be great if we had a
> reliable and secure tool to verify the system integrity.
> 
> The real problem is that your proposal did nothing to get us closer to this
> goal. Putting md5sums in the package file is probably not the  way to go.

Then why do we half do it already?
Is there another reason?  (I'm not talking `secure', I'm talking
help for crash recovery).

> We all feel that you have a point, but we also see that you can't offer a
> high quality solution. If you can give us a free clone of tripwire or
> something like that, we can see what we can do to integrate it into the
> standard Debian distribution. As Manoj said, (I don't remember the correct
> words), a half baken solution can be worse then no solution at all.

Isn't that what we have now?  I'd suggest we either have using
md5sums files for _all_ packages, or remove them (over time) from
packages that do use them.

I personally think that (1) we already use them, (2) they don't
hurt and (3) they could help.  I don't see this as a half baked
solution to helping crash recovery.  Our present state of half
the packages using them _is_ half baked.

I agree that this doesn't give built-in protection against
intrusions.  But that's another topic, isn't it?  For that, use
tripwire, or move all your md5sums files to offsite media after
installation, and periodically check the system against the
archived md5sums.  This would be feasible.

Peter