Date: Mon, 5 Feb 2001 21:05:00 +0100 From: Markus Holmberg <markush@acc.umu.se> To: freebsd-security@freebsd.org Cc: freebsd-ports@freebsd.org Subject: Package integrity check? Message-ID: <20010205210459.A2479@acc.umu.se>
next in thread | raw e-mail | index | archive | help
Hello. Is there any way to perform an integrity check on packages that are fetched with "pkg_add -r <packagename>"? (Similarly to building a package manually with a trusted /usr/ports and checksumming downloaded files) I assume there is no way to do integrity checking on packages, which leads me to the question if the general opinion among the security conscious is that packages (from untrusted parties, like any ftp site on the mirror list) should not be used at all? Markus -- Markus Holmberg | Give me Unix or give me a typewriter. markush@acc.umu.se | http://www.freebsd.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010205210459.A2479>