Hisashi T Fujinaka writes:
> Viktor Haag wrote:
>
> > I'm glad to hear it; however, the paranoid person in me
> > says, "How do I know that the source tarball hasn't, in
> > fact, been monkeyed with by someone else entirely?"
> >
> > I'm just a bit twitchy lately, what with the whole foofahrah
> > over the GNU sources being corrupted...
>
> Well, then, don't run any of my packages (of which there are
> very few) because I just cut and paste the MD5 that fink
> automatically generates.
>
> It's good for showing you that the download worked, but it's
> almost useless for telling you whether the sources are
> correct.
Ah - I was under the (mis?)apprehension that the checksum suited
a dual purpose: to ensure the validity of the download, but also
to ensure the validity of the sources themselves. Perhaps that
was naive of me; as I said, I've been a bit twitchy since the
GNU-sources incident...
--
Viktor Haag : Software & Information Design : Research In Motion
+--+
Disclaimer mandated by employer: "This transmission may contain
confidential or privileged material. Any use of this information
by anyone other than the intended recipient is prohibited. If you
have received this transmission in error, please immediately
reply to the sender and delete this information from your
system. Use, dissemination, distribution, or reproduction of this
transmission by unintended recipients is not authorized and may
be unlawful."
-------------------------------------------------------
This SF.net email is sponsored by: The SF.net Donation Program.
Do you like what SourceForge.net is doing for the Open
Source Community? Make a contribution, and help us add new
features and functionality. Click here: http://sourceforge.net/donate/
_______________________________________________
Fink-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/fink-users
