| 1 |
begin quote |
| 2 |
On Thu, 1 Aug 2002 15:39:05 +0200 |
| 3 |
Rob Kaper <rkaper@×××.nl> wrote: |
| 4 |
|
| 5 |
> On Thursday 01 August 2002 15:35, Terje Kvernes wrote: |
| 6 |
> > if the checksum differ, which it would have, emerge will abort. |
| 7 |
> > although, emerge logs do sound like a very good idea. |
| 8 |
> |
| 9 |
> For optimum security, emerge should check checksums from different |
| 10 |
> locations. One or two trusted servers (often even the same as the one |
| 11 |
> where the files reside, although that might not be true for gentoo) |
| 12 |
> can be compromised too easily. |
| 13 |
> |
| 14 |
> Rob |
| 15 |
> |
| 16 |
actually portage compares to the one in the portage tree, which is |
| 17 |
concidered "safe" as its not related to the servers where the binaries |
| 18 |
are located. |
| 19 |
|
| 20 |
//Spider |
| 21 |
|
| 22 |
|
| 23 |
-- |
| 24 |
begin .signature |
| 25 |
This is a .signature virus! Please copy me into your .signature! |
| 26 |
See Microsoft KB Article Q265230 for more information. |
| 27 |
end |
Archives