Request for simplified instructions for downloading and installing .tar.gz applications - Ventoy
Ralf Mardorf
kde.lists at yahoo.com
Wed Aug 3 06:33:02 UTC 2022
On Tue, 2 Aug 2022 19:41:40 -0700, Tom Mitchell wrote:
>On Tue, Aug 2, 2022 at 1:49 PM Ralf Mardorf wrote:
>> you can ask upstream to provide signed checksums. If the key is part
>> of a web of trust there's no issue anymore, unless you should be
>> allergic to binaries from upstream.
>Thank you.
>The question was general, so "I addressed a general procedure".
>
>As I said ... interesting idea and the more that use and watch it the
>better the trust profile builds.
Hi,
verifying an OS install media against a signed checksum in the first
place is more important, than worrying about afterwards installed
software that runs with user privileges. IOW before installing Ubuntu,
it's essential to verify the download. How to do this for Ubuntu:
https://ubuntu.com/tutorials/how-to-verify-ubuntu#1-overview
Regards,
Ralf
More information about the ubuntu-users
mailing list