From owner-freebsd-questions  Sat Mar 23 23:22:45 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from c009.snv.cp.net (c009-h005.c009.snv.cp.net [209.228.34.118])
	by hub.freebsd.org (Postfix) with SMTP id A3BA537B417
	for <freebsd-questions@freebsd.org>; Sat, 23 Mar 2002 23:22:43 -0800 (PST)
Received: (cpmta 3399 invoked from network); 23 Mar 2002 23:22:43 -0800
Date: 23 Mar 2002 23:22:43 -0800
Message-ID: <20020324072243.3398.cpmta@c009.snv.cp.net>
X-Sent: 24 Mar 2002 07:22:43 GMT
Received: from [24.112.192.171] by mail.canada.com with HTTP;
    23 Mar 2002 23:22:43 PST
Content-Type: text/plain
Content-Disposition: inline
Mime-Version: 1.0
To: freebsd-questions@freebsd.org
From: dill@canada.com
X-Mailer: Web Mail 3.9.3.11
X-Sent-From: dill@canada.com
Subject: Security of downloaded binary (packages)
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

I am trying to do a pkg_add -r "pkg name" but I feel that this really does not protect myself from downloading trojan horses. 

If someone poisoned my DNS and put a fake entry instead of ftp.freebsd.org then I could download torjan instead of what I want.

Are there MD5 signature of package files that I can verify ??


__________________________________________________________
Get your FREE personalized e-mail at http://www.canada.com

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message