[pacman-dev] [PATCH] Replace MD5 with SHA-256 as a default file integrity check in PKGBUILDs

Giancarlo Razzolini grazzolini at archlinux.org
Thu Jan 23 15:07:23 UTC 2020


Em janeiro 23, 2020 11:59 Eli Schwartz escreveu:
> 
> Then I'm sure you'll be delighted to know that the last time this
> discussion was brought up (a couple years ago?) Allan said he wanted to
> add "cksum" support and switch to that for a default. Rationale: both
> md5sum and cksum are already completely broken, but no one deludes
> themselves when they see "cksum" into thinking that it is anything but
> deliberate, and no one deludes themselves into thinking that there is
> any possibility it is secure.
>

That's the opposite of encouraging best practices, but this horse is long
dead, and there's nothing else to beat.

> 
> "makepkg: add CRC checksums and set these to be the default"
> 

No comment on this one.

Regards,
Giancarlo Razzolini
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.archlinux.org/pipermail/pacman-dev/attachments/20200123/56500ad6/attachment.sig>


More information about the pacman-dev mailing list