Re: exim tarball size. Was: Re: [exim] Broken distribution?

Pàgina inicial
Delete this message
Reply to this message
Autor: Nigel Metheringham
Data:  
A: exim-users
Assumpte: Re: exim tarball size. Was: Re: [exim] Broken distribution?
On Wed, 2006-02-15 at 09:51 +0000, Philip Hazel wrote:
> The point of the MD5 checksum is to ensure that the distribution has not
> been tampered with. If somebody breaks in to the FTP site and tampers
> with the distribution, they could just as easily tamper with the
> checksum.


Add a gpg signature to the MD5 sums file (text inline type). Of course
if people are not looking at the detached signature file then they are
unlikely to check the authenticity of that file.

    Nigel.
-- 
[ Nigel Metheringham           Nigel.Metheringham@??? ]
[ - Comments in this message are my own and not ITO opinion/policy - ]