Date: Tue, 10 Nov 2009 18:12:40 +0000 From: RW <rwmaillists@googlemail.com> To: ports@freebsd.org Subject: Re: RFC: svn for make fetch Message-ID: <20091110181240.33a78db4@gumby.homeunix.com> In-Reply-To: <20091110103228.GA1139@straylight.m.ringlet.net> References: <a0777e080911080731w461e6733peb0a5473acf07aa8@mail.gmail.com> <4AF897A4.3070408@delphij.net> <20091109225232.GA34294@lor.one-eyed-alien.net> <a0777e080911092251r3dd39303q4f309aaf4076daf@mail.gmail.com> <20091110103228.GA1139@straylight.m.ringlet.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 10 Nov 2009 12:32:28 +0200 Peter Pentchev <roam@ringlet.net> wrote: > The Ports Collection's distfile checksums make sure that you get > exactly the same files *as the port maintainer examined at some > previous moment in time*. More importantly it guards against maliciously modified source code. Someone might break into a legitimate mirror or use dns poisoning to distribute malware.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20091110181240.33a78db4>