On Mon, Aug 23, 2010 at 07:55:03PM +1200, Simon Geard wrote:
> On Sun, 2010-08-22 at 19:03 -0500, Bruce Dubbs wrote:
> > bendeguz wrote:
> >
> > > 2. This means it could be possible for some package to have
> > > false checksums on the whole internet?
> > > So you can't be absolutely sure, that y
On Sun, 2010-08-22 at 19:03 -0500, Bruce Dubbs wrote:
> bendeguz wrote:
>
> > 2. This means it could be possible for some package to have
> > false checksums on the whole internet?
> > So you can't be absolutely sure, that you have downloaded a package
> > in the form the maintainer built it?
>
bendeguz wrote:
> 2. This means it could be possible for some package to have
> false checksums on the whole internet?
> So you can't be absolutely sure, that you have downloaded a package
> in the form the maintainer built it?
It's possible, but quite unlikely. It would be discovered and all o
On Sun, Aug 22, 2010 at 06:50:42PM +0100, Ken Moffat wrote:
> On Sun, Aug 22, 2010 at 05:23:17PM +0200, bendeguz wrote:
> > On Sun, Aug 22, 2010 at 02:37:27PM +0100, Ken Moffat wrote:
> > >
> > > Actually, the situation is worse than that! For most packages
> > > in the BLFS book, the md5sum was
On Sun, Aug 22, 2010 at 05:23:17PM +0200, bendeguz wrote:
> On Sun, Aug 22, 2010 at 02:37:27PM +0100, Ken Moffat wrote:
> >
> > Actually, the situation is worse than that! For most packages
> > in the BLFS book, the md5sum was generated by an editor.
> > I'm sure the gentoo sha sums are similar.
Ken Moffat wrote:
> Actually, the situation is worse than that! For most packages
> in the BLFS book, the md5sum was generated by an editor.
> I'm sure the gentoo sha sums are similar.
It's slightly better than that. The editor puts the checksum in the
book, but I check them when the package
On Sun, Aug 22, 2010 at 02:37:27PM +0100, Ken Moffat wrote:
> On 22 August 2010 13:12, bendeguz wrote:
> > Hi!
> >
> > I have installed lfs and x about a week ago, so I've been
> > using it as my desktop since then. Of course I'm still
> > building it piece by piece.
> >
> > There are packages whi
On 22 August 2010 13:12, bendeguz wrote:
> Hi!
>
> I have installed lfs and x about a week ago, so I've been
> using it as my desktop since then. Of course I'm still
> building it piece by piece.
>
> There are packages which are not in the blfs-book,
> which doesn't have checksum information on th
Hi!
I have installed lfs and x about a week ago, so I've been
using it as my desktop since then. Of course I'm still
building it piece by piece.
There are packages which are not in the blfs-book,
which doesn't have checksum information on the server
where the package is downloadable, or on the
