Re: I'm afraid I've been cracked.
Ethan Benson <erbenson@alaska.net> writes:
> > have a similar funcitonality? I couldn't find mention of it in the man page.
>
> debsums but like rpm -V its worthless for security. only useful for
> finding corruption due to disk crashes and whatnot.
But this is so easy to fix.
Consider...
% apt-get install apt
% apt-get install debsums
% debsums -a --from="http"
The first bit might have to be a bit "magic" in that it'd have to at
least try and cope with apt-get being hacked. But in theory that could
be replaced with a "lynx -dump http://security.debian.org/apt | sh"
ala. helix gnome.
However as soon as you trust apt the only thing that needs to be
added is for debsums to check against a debian mirror (and for all the
debian packages to come with md5sums).
--
James Antill -- james@and.org
"If we can't keep this sort of thing out of the kernel, we might as well
pack it up and go run Solaris." -- Larry McVoy.
Reply to: