On Tue, 15 Oct 2013 12:54:36 +0200, Dominik George <n...@naturalnet.de> wrote: >> Some of the source packages were caught on a gateway anti-virus scanner while >> downloading. > >Using a gateway anti-virus scanner for downloads from the Debian archive >seems a bit inappropriate, well, paranoid. Checking the signed hashsums >would seem a lot better to verify the downloads; if Debian's >infrastructure were compromised so viruses could get in *and* be signed, >we and you have other problems.
In many organisations it would be a _huge_ hassle to be allowed to Download Debian packages directly while bypassing the gateway scanner. It might even lead to a knee-jerk reaction like "This Debian thingy keeps setting off our security alerts, let's ban it and use a supported enterprise distro". Greetings Marc -- -------------------------------------- !! No courtesy copies, please !! ----- Marc Haber | " Questions are the | Mailadresse im Header Mannheim, Germany | Beginning of Wisdom " | http://www.zugschlus.de/ Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834 -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1vwn9r-0004kh...@swivel.zugschlus.de
