|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Just an idea
From: Shane J Pearson (shanep
ign.com.au)
Date: Thu May 01 2003 - 09:01:24 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Jose Nazario wrote:
> On Thu, 1 May 2003, Shane J Pearson wrote:
>
>>If they can modify the packages on the ftp site, they can modify the
>>sums file too.
>
> but this is what's already an accepted risk for the base tarballs in the
> system.
Yes, but I don't see how providing a sums file on the ftp sites gives
any security gains.
Why would the sums file be any more authoritive than the files it
references on the same server?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]