Re: verifying a Debian package
"Karsten M. Self" <kmself@ix.netcom.com> writes:
> Many files within many debian packages _do_ have MD5 sums. The
> debsums package allows you to validate installed files against an
> md5sum database. Think through what it is you're trusting when you
> do this.
I've found debsums very useful in recovering from hardware corruption;
it gives me a list of packages where things on the hard drive are
missing or not what's expected. I wouldn't trust it for trying to
recover a cracked machine, though (it's easy enough for a rootkit to
regenerate the md5sum files if it wants to).
--
David Maze dmaze@debian.org http://people.debian.org/~dmaze/
"Theoretical politics is interesting. Politicking should be illegal."
-- Abra Mitchell
Reply to: