Re: Combining package deltas and signing?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Fri, Dec 28, 2012 at 10:54:14PM -0500, Sébastien Leblanc wrote:
> I believe signatures are checked after packages are rebuilt from
> deltas. Therefore, if your delta is compromised, the resulting
> package won't validate with the signature.

Excellent.  I also notice you use the word "deltas", plural, which
leads me to the next question :)

Will deltas be combined by pacman, or will only ever a single delta be
used?

/M

-- 
Magnus Therning                      OpenPGP: 0xAB4DFBA4 
email: magnus@xxxxxxxxxxxx   jabber: magnus@xxxxxxxxxxxx
twitter: magthe               http://therning.org/magnus

Most software today is very much like an Egyptian pyramid with
millions of bricks piled on top of each other, with no structural
integrity, but just done by brute force and thousands of slaves.
     -- Alan Kay

Attachment: pgp8wYefgIC31.pgp
Description: PGP signature


[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Share Photos]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]
  Powered by Linux