[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: security.debian.org mirrors?

On Thu, Sep 29, 2005 at 09:50:34PM +0200, Arnaud Fontaine wrote:
> Is it possible to have a warranty that the package in the mirror archive
> hasn't be modified  by someone else ? Maybe my question  is stupid but i
> wasn't able to find an answer on replicator website ;).

Is this really more important in the security archive than in the main
archive?  I do not believe it is, since any package, whether in the
security archive or not, is going to execute code as root on your

But anyway, the MD5 checksums and file sizes for the updated package
files are included in the DSA.  Thus, you have plenty of information to
verify the package integrity if you need to.


Attachment: signature.asc
Description: Digital signature

Reply to: