Subject: Re: little hacking project: bulk build checksums
To: Lasse Kliemann <firstname.lastname@example.org>
From: Ben Collver <email@example.com>
Date: 01/22/2005 07:55:07
On Sat, Jan 22, 2005 at 04:41:43PM +0100, Lasse Kliemann wrote:
> * Hubert Feyrer writes:
> > On Sat, 22 Jan 2005, Lasse Kliemann wrote:
> > >What do you intend to use them for?
> > Verify (manually) that the binary pkgs are not modified.
> Modified by whom?
> He who can modify the binary packages can also modify the checksums, unless you
> take extra precautions via file permissions and ownerships. But then, you can
> protect the binary packages against modification from the start.
> Or am I missing something?
> What is the exact scenario that you have in mind?
How about corruption introduced by someone else's failing disks, or over
the network itself?