tech-pkg: Re: little hacking project: bulk build checksums

Subject: Re: little hacking project: bulk build checksums
To: None <tech-pkg@NetBSD.org>
From: Lasse Kliemann <lasse-list-tech-pkg-netbsd-2004@plastictree.net>
List: tech-pkg
Date: 01/22/2005 16:41:43

--E/DnYTRukya0zdZ1
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

* Hubert Feyrer writes:
> On Sat, 22 Jan 2005, Lasse Kliemann wrote:
> >What do you intend to use them for?
>=20
> Verify (manually) that the binary pkgs are not modified.

Modified by whom?

He who can modify the binary packages can also modify the checksums, unless=
 you=20
take extra precautions via file permissions and ownerships. But then, you c=
an=20
protect the binary packages against modification from the start.

Or am I missing something?
What is the exact scenario that you have in mind?

--=20
Lasse Kliemann
      private homepage: http://plastictree.net
   NO software patents: http://swpat.ffii.org
do NOT use M$ products: http://plastictree.net/articles/noms

--E/DnYTRukya0zdZ1
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (NetBSD)

iD8DBQFB8nQ21gObwed86AkRAmemAJ40tL3XSkEJybMVoX7ByTi9vwZItACgwBfP
70o3TJFzmsmxHgd8/JwjBCw=
=2uHa
-----END PGP SIGNATURE-----

--E/DnYTRukya0zdZ1--