List Archive: gentoo-security
I like that idea very much, but it seems quite impractical. There are
many stages where things could go wrong and it will make things more
complicated for packagers and end-users alike.
It might be more feasible if there are two separate options added to
emerge, one being to not check sums on packages and then the second to
not check sums on the individual files.
Then there is the issue of clutter and wasting space. I guess you could
put them all in a folder like Manifest or Sums or something, but
still...
Don't know how well it'd go over --
but it's a good idea. :)
* Anthony
On Mon, 2004-02-16 at 22:20, Brian Klauss wrote:
> Why not take package security one step deeper to ensure the validity
> of every ebuild and source-tree?
>
> Instead of relying upon a master hash of the compressed package,
> create a hash for each source file, documentation, makefile, etc., and
> as part of the emerge process, the application validates the
> compressed hash, then looks at each decompressed file and compares the
> hash value of it against a master repository.
>
> Once everything checks out, we then guarantee that the compressed
> package and all related source files are true to the source as it was
> created since the master hash tables are contained in the master
> repository instead of within the compressed file (which can be
> altered).
>
> Just an idea, and if I am way off, let me know.
>
> Brian...
--
Please avoid sending me Word or PowerPoint attachments.
See http://www.fsf.org/philosophy/no-word-attachments.html
--
gentoo-security@g.o mailing list
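The two-stage check Brian proposes (verify the digest of the compressed package, then compare every decompressed file against digests held in a master repository rather than inside the archive), as an added Python example that is not from this thread or from Portage; the manifest layout, the helper names and the sample tarball contents are constructed here for illustration.

```python
import hashlib
import io
import tarfile

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def make_tarball(files: dict) -> bytes:
    """Build a gzip tarball in memory from {path: content} (constructed sample input)."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, content in files.items():
            info = tarfile.TarInfo(name)
            info.size = len(content)
            tar.addfile(info, io.BytesIO(content))
    return buf.getvalue()

def build_manifest(archive: bytes) -> dict:
    """Stand-in for the 'master repository' record: archive digest plus one digest per file (hypothetical format)."""
    files = {}
    with tarfile.open(fileobj=io.BytesIO(archive), mode="r:gz") as tar:
        for m in tar.getmembers():
            if m.isfile():
                files[m.name] = sha256_hex(tar.extractfile(m).read())
    return {"archive": sha256_hex(archive), "files": files}

def verify(archive: bytes, manifest: dict) -> list:
    """Two-stage check from the thread: archive digest first, then each decompressed file; returns problems found."""
    problems = []
    if sha256_hex(archive) != manifest["archive"]:
        problems.append("archive digest mismatch")
    seen = set()
    with tarfile.open(fileobj=io.BytesIO(archive), mode="r:gz") as tar:
        for m in tar.getmembers():
            if not m.isfile():
                continue
            seen.add(m.name)
            expected = manifest["files"].get(m.name)
            if expected is None:
                problems.append(f"unexpected file: {m.name}")
            elif sha256_hex(tar.extractfile(m).read()) != expected:
                problems.append(f"file digest mismatch: {m.name}")
    problems.extend(f"missing file: {n}" for n in sorted(set(manifest["files"]) - seen))
    return problems

SOURCES = {"pkg/Makefile": b"all:\n\tcc main.c\n", "pkg/main.c": b"int main(void){return 0;}\n"}
GOOD = make_tarball(SOURCES)  # the archive as published; its digests are recorded out-of-band
MANIFEST = build_manifest(GOOD)
TAMPERED = make_tarball({**SOURCES, "pkg/main.c": b"int main(void){return 1;}\n"})  # one source file altered
```

Because the manifest lives outside the archive, an altered package cannot carry its own matching digests, and the per-file pass names exactly which decompressed file was changed.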