Date: Thu, 8 Feb 2001 13:21:23 +0100 From: Markus Holmberg <markush@acc.umu.se> To: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> Cc: Wes Peters <wes@softweyr.com>, freebsd-security@FreeBSD.ORG, freebsd-ports@FreeBSD.ORG Subject: Re: Package integrity check? Message-ID: <20010208132123.A4400@acc.umu.se> In-Reply-To: <200102061802.NAA33086@khavrinen.lcs.mit.edu>; from wollman@khavrinen.lcs.mit.edu on Tue, Feb 06, 2001 at 01:02:08PM -0500 References: <20010205210459.A2479@acc.umu.se> <3A7F9AB6.5CAA983B@softweyr.com> <200102061526.KAA31832@khavrinen.lcs.mit.edu> <3A802FAF.792F61F5@softweyr.com> <200102061802.NAA33086@khavrinen.lcs.mit.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
Thanks Wes. I'm running -STABLE (and I was mostly just curious, not in a hurting need for this functionality right away) so I'm not sure I'm trying it out. But it's good to know it's available. On Tue, Feb 06, 2001 at 01:02:08PM -0500, Garrett Wollman wrote: > 1) Whatever process generates and checksums the packages also makes > and signs a master list of all the checksums from each package, and > > 2) Whatever process installs software from the package compares its > checksum against this master list, and verifies the signature of the > master list. It was these two things that I was thinking of in first place.. (When asking if it was possible to check for package integrity). But I realize it is not conceivable without a good deal of effort, so I was merely wondering if anyone else thought of it. > I think that this would be both useful and worthwhile, but again, we > need to make sure that legally we are not promising anything other > than ``these packages have not been modified since generation''. Of course, one could not ask for anything else either (more than to know that the packages were built by the FreeBSD Project and have not been modified since, as is the same with building software from the ports system). Markus -- Markus Holmberg | Give me Unix or give me a typewriter. markush@acc.umu.se | http://www.freebsd.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010208132123.A4400>