Binary diffs for deb files
Hervé Fache
Herve at lucidia.net
Sat May 6 00:15:37 BST 2006
You want my Pentium 233 to unzip every single package it downloads?
How much longer will apt-get install become as a result? It's already
very slow running ldconfig for every library and xfont-config for each
new font, one by one!
I think keeping the checksum of the zipped package is still important,
though I know that's not helping you pushing for diff idea.
2006/5/5, John Nilsson <john at milsson.nu>:
> On Fri, 2006-05-05 at 17:20 +0100, James Hall wrote:
> > Hi John,
> >
> > The deb format already contains md5sums of each individual file, and
> > since the entire package is signed, this is also signed. You can find it
> > by extracting a deb file and looking in control for the file named
> > 'md5sums'.
>
> Ok, good to know, I hadn't been looking too hard for it yet =)
>
> In any case. Still, why not be content with signing that? Extracting
> that file shouldn't impose that much additional work to verify a
> package. And then the package would be totally independent of how it's
> stored or transferred.
>
> Regards,
> John
>
>
> --
> ubuntu-devel mailing list
> ubuntu-devel at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
>
--
In a world without walls and fences, who needs Windows and Gates?
More information about the ubuntu-devel
mailing list