Re: Bug#132767: debsum support should be mandatory

To: debian-policy@lists.debian.org
Subject: Re: Bug#132767: debsum support should be mandatory
From: Joey Hess <joeyh@debian.org>
Date: Fri, 8 Feb 2002 11:40:18 -0500
Message-id: <[🔎] 20020208164018.GA14561@kitenet.net>
Mail-followup-to: debian-policy@lists.debian.org
In-reply-to: <[🔎] 87pu3g8rqx.fsf@glaurung.green-gryphon.com>
References: <[🔎] 20020207161310.D20741@parcelfarce.linux.theplanet.co.uk> <[🔎] 87pu3g8rqx.fsf@glaurung.green-gryphon.com>

Manoj Srivastava wrote:
> 	In order to verify that the system is not compromised, at the
>  very least you need to have the hash file cryptographically
>  signed. 

Sigh. Every time this issue comes off people wander off onto areas of
security. People *don't* use this for security, unless they are idiots.
People use this as an easy way to find out what binaries were corrupted
by their recent disk crash.

By hammering on why this can't be used for security checks every time
this idea is raised, you and others have managed to halt progress on it
seemingly indenfintly. That is not doing a service to our users.

Oh well, nothing in this thread I haven't seen or strenuously objected
to at least 5 times before, so I'm killing it.

-- 
see shy jo

Reply to:

Follow-Ups:
- Re: Bug#132767: debsum support should be mandatory
  - From: Manoj Srivastava <srivasta@debian.org>

References:
- Bug#132767: debsum support should be mandatory
  - From: Matthew Wilcox <willy@debian.org>
- Re: Bug#132767: debsum support should be mandatory
  - From: Manoj Srivastava <srivasta@debian.org>

Prev by Date: Re: Policy for init.d scripts is not LSB compilant
Next by Date: dummy packages and lintian
Previous by thread: Re: Bug#132767: debsum support should be mandatory
Next by thread: Re: Bug#132767: debsum support should be mandatory
Index(es):
- Date
- Thread