In article <[EMAIL PROTECTED]> you wrote: > If some packages are localy modified, This suggests that your local system > is already compromised.
Not if you use a NFS mounted shared cache. It should be possible to verify the package on install time. (Especially when not using apt-get). Not sure if debsig-verify can work in that environment. Gruss Bernd -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
