List Archive: gentoo-security
Note: Due to technical difficulties, the Archives are currently not up to date.
provides an alternative service for most mailing lists.c.f. bug 424647
On Fri, Dec 05, 2003 at 12:31:42PM +0600, Anuradha Ratnaweera wrote:
> Was a bit paranoid, if the intruder may have changed both MD5 sum on the
> rsync server (are they there, at first place?) _and_ the source tarball
> on the other site,
If an attacker had access to the rsync server he could add a patch in
the files/ directory and have the ebuild include it. MD5 mismatches are
far, far more likely to be unthreatening.
When a true genius appears in the world, you may know him by this sign, that the dunces are all in confederacy against him. - Jonathan Swift
firstname.lastname@example.org mailing list