Subject: Re: signed binary pkgs [was: Re: BPG call for use cases]
To: Todd Vierling <tv@duh.org>
From: Curt Sampson <cjs@cynic.net>
List: tech-security
Date: 07/23/2005 16:41:34
On Fri, 22 Jul 2005, Todd Vierling wrote:

> You'd need to sign the +INSTALL and +DEINSTALL scripts too, as they can
> generate files not tracked by +CONTENTS.

Anything not in the +CONTENTS file itself also needs to be signed
somehow, right?

cjs
-- 
Curt Sampson  <cjs@cynic.net>   +81 90 7737 2974   http://www.NetBSD.org
      Make up enjoying your city life...produced by BIC CAMERA