Hi, V ?t, 08. 07. 2008 v 13:33, Darren J Moffat p??e: > James Carlson wrote: > > (Having a big database of MD5 and SHA-1 checksums searchable on > > checksum is a nifty hack around the problem ... but it's still a > > problem, and shouldn't need a hack. You should be able to go directly > > from advertised version number to verified checksum in one step.) > > As an aside we do actually have such a thing: > > For any given binary we can find out which SVR4 package on which release > of Solaris or patch to a given release it came from: > > http://sunsolve.sun.com/fileFingerprints.do >
Fingerprints are nice, but are they part of binary itself? Sometimes you need to know "exact" version from crashdump, where binary on disk and in memory were different before crash. Yes, %I% is hack, but it saved a lot of work. Best regards, Milan
