On Wed, Apr 10, 2002 at 05:46:24PM -0400, Dominique Fortier wrote: > > Basically, if you run binaries from an unsafe source, you get what you > > deserve. > > Man, I try to be a honnest individual, I hope I don't deserve something > like that ! > > ..., Is there such a thing has a 100% safe source for binaries ?
Check the PGP key (or GnuPG key) and the md5 checksum from the source
(as long as you trust the source).
Even trusted sources (like ftp.porcupine.org/pub/security) get hit
with Trojan horses. Always check the digital signatures and the
checksums!
Debian does this when you do an apt-get, I believe.
-Anne
--
.-"".__."``". Anne Carasik, System Administrator
.-.--. _...' (/) (/) ``' [EMAIL PROTECTED]
(O/ O) \-' ` -="""=. ', Center for Advanced Computing Research
~`~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
msg06299/pgp00000.pgp
Description: PGP signature
