Date: Sat, 27 Feb 1999 18:53:02 +0100 From: Christoph Kukulies <kuku@gilberto.physik.RWTH-Aachen.DE> To: cjclark@home.com, Christoph Kukulies <kuku@gilberto.physik.RWTH-Aachen.DE> Cc: questions@FreeBSD.ORG Subject: Re: MD5 sums for packages? Message-ID: <19990227185302.A2966@gil.physik.rwth-aachen.de> In-Reply-To: <199902271735.MAA11069@cc942873-a.ewndsr1.nj.home.com>; from Crist J. Clark on Sat, Feb 27, 1999 at 12:35:12PM -0500 References: <199902271534.QAA02036@gilberto.physik.RWTH-Aachen.DE> <199902271735.MAA11069@cc942873-a.ewndsr1.nj.home.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Feb 27, 1999 at 12:35:12PM -0500, Crist J. Clark wrote: > Christoph Kukulies wrote, > > > > Could the ftp site maintainers put MD5 files for the packages > > on the ftp sites? At least for security sensitive packages > > like tcp_wrappers and others? > > But if the package on the site has had unauthorized modifications, > couldn't that person just as easily change any MD5 files on the site? Yes but if you have a lot of sites, say ftp1,ftp2, ftp3.freebsd.org you can compare and it's quite unlikely that all are compromised at the same time. I would trust ftp.freebsd.org with this respect. Although you never know. freefall at least once got compromised in the past. :) > > > Or better: for immediate need: Could someone send me > > the MD5 sum of > > > > tcp_wrappers-7.6.tgz > > The ports do have MD5 checks (the MD5 files come with the ports > distribution so they are all on your computer). Build from the ports. > -- > Crist J. Clark cjclark@home.com -- Chris Christoph P. U. Kukulies kuku@gil.physik.rwth-aachen.de To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990227185302.A2966>