On Fri, Jun 18, 1999 at 10:13:34PM -0700, Joey Hess wrote:
>
> I'm not tracking this proposal on the weekly policy summary because as far
> as I can see, it has nothing to do with policy per se, it's stricly a debian
> mirror thing.
>
> If people disagree with me on this, I'll be happy to track
Chris Leishman wrote:
> What I propose is to extend the security of Debian. I do not propose an
> "ultimate security solution", but simply a method to increase the security
> debian offers to users. The proposal is as follows:
>
>
> Each package can contain a DEBIAN/md5sums file. This is nor
In article <[EMAIL PROTECTED]> you write:
>Just a brief note about the thread there: if md5sums are included in
>packages, they will *only* be included for system integrity checks.
>They serve *no* useful security purpose. Given this, the MD5 sums
>themselves should be adequate
On Thu, Jun 17, 1999 at 01:49:30AM +0100, Julian Gilbey wrote:
>
> Just a brief note about the thread there: if md5sums are included in
> packages, they will *only* be included for system integrity checks.
> They serve *no* useful security purpose. Given this, the MD5 sums
> thems
understoood that there were known algorithms to produce a new file with
> a given md5sum, if you can vary the length of the file?
Just a brief note about the thread there: if md5sums are included in
packages, they will *only* be included for system integrity checks.
They serve *no* useful securit
Chris Leishman wrote:
> 1) Is it policy that a package must contain a DEBIAN/md5sums file?
> (not all do). Should it be?
>
> 2) Is it possible to create an easily accessable copy of these md5sums
> on the debian servers (similar to package lists, or perhaps as a .md5sums
> to go
On Tue, Jun 15, 1999 at 01:27:27PM +1000, Chris Leishman wrote:
> Well...the discussion there is regarding 'pristine' source, and md5sums of
> upstream releases (with regards to repackaging ustream source as .tar.bz2).
A month ago, maybe two, there was a huge debate about whether md5sums should
be
On Mon, Jun 14, 1999 at 03:53:58PM +0200, Petr Cech wrote:
> On Sat, Jun 12, 1999 at 06:43:55PM +1000 , Chris Leishman wrote:
> > Hi all,
> >
> [snip]
> >
> > Is this possible to achieve given the existing packaging system framework?
> > Is anyone interested in this idea, or interested in taking
8 matches
Mail list logo
