leorolla dijo [Thu, Apr 01, 2010 at 06:23:59AM -0700]: > For security reasons it could perform a checksum verification to > protect the user from a corrupt or virus-infected backup file. > > So the simple changes in the source would be: > * remove the problematic file from the source code > * change the source code to > -look for a 446-byte file with a specific filename > -if absent, produce error message explaining what the user is supposed > to do and exit > -perform the checksum verification > -if fails, produce appropriate error message and exit > -copy the file to the mbr > > (Is it also be copyright violation to distribute checksums along with > the program? In this case, add "look for the presence of a checksum > file with a given name etc; if absent, produce an error message > telling the user to copy it from a trusted source etc and exit".)
Humm... and given the search space is just giant (and not mindboggingly huge), you could even add a loop that generates a random 446-byte-long content until it matches the md5sum and the sha1sum for said file? -- Gunnar Wolf • gw...@gwolf.org • (+52-55)5623-0154 / 1451-2244 -- To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20100414232213.gb14...@gwolf.org
