On Thu, Sep 29, 2005 at 09:50:34PM +0200, Arnaud Fontaine wrote: > Is it possible to have a warranty that the package in the mirror archive > hasn't be modified by someone else ? Maybe my question is stupid but i > wasn't able to find an answer on replicator website ;). Is this really more important in the security archive than in the main archive? I do not believe it is, since any package, whether in the security archive or not, is going to execute code as root on your machine. But anyway, the MD5 checksums and file sizes for the updated package files are included in the DSA. Thus, you have plenty of information to verify the package integrity if you need to. noah
Attachment:
signature.asc
Description: Digital signature