Re: md5sum proposal
Hi,
>>"Christoph" == Christoph Lameter <christoph@lameter.com> writes:
Christoph> On 18 May 1999, Manoj Srivastava wrote:
>> Precisely. You have yet to come up with anything that adresses
>> the technical shortcomings of the md5sum proposal. I, for one, use
>> tripwire. I would much prefer to use a free solution, but I do not
>> have time to write a secure replacement.
Christoph> Technical shortcomings of the tipwire approach vs. the
Christoph> intruder-changes-checksums idea are the same
Very good.
Christoph> plus you only have the checksums of the files *after* they
Christoph> were unpacked.
This is an advantage. This allows me to have the md5sums of
the config files after I modified them. This also allows one to add
other directories and files to the checked list.
Christoph> With md5sums you have the checksums of the files on the
Christoph> *maintainers* system and there is a verification that the
Christoph> files are the *same* as the maintainer generated
Christoph> them. That is what I want.
And you do not trust the md5sum of the .deb (you do check
that, don't you?). The md5sum of the .deb file, signed by the
maintainer, and accepted by dinstall, guarantees you everything that
the md5sum would. Apt even checks the md5sum of the packages
downloaded.
Christoph> debian-policy did not exist 3 years ago. And I am just in
Christoph> the process of getting into things again. Good to hear
Christoph> that none of your arguments have changed since.
One does not need to change correct one. And you ad hominem
merely proves that your arguments again fail muster.
manoj
--
After enjoying the taste of solitude and the taste of peace, one is
freed from distress and evil, as one enjoys the taste of spiritual
joy. 205
Manoj Srivastava <srivasta@debian.org> <http://www.debian.org/%7Esrivasta/>
Key C7261095 fingerprint = CB D9 F4 12 68 07 E4 05 CC 2D 27 12 1D F5 E8 6E
Reply to: