Menu
▾
▴
Re: [Devil-Linux-discuss] Devil-Linux 1.4 released
|
From: Philippe M. <ph...@oz...> - 2010-11-10 18:40:52
|
Hi, You misunderstood me, I meant the distribution files themselves (ie: devil-linux-1.4-i686.tar.bz2) This is the only way to be sure no malicious modification is done on the distribution server or a mirror after you generate the release. Philippe On Wed, Nov 10, 2010 at 07:29:54AM -0600, Heiko Zuerker wrote: > Hey, > > the feature does exist for quite a while already, but the > documentation on it is a bit sparse: > http://www.devil-linux.org/documentation/1.3.x/ch02s03.html > It's also a bit cumbersome, since you actually have to modify the ISO > image do include the public gpg key. > > If anybody feels like updating the documentation.... :) > Other ideas (with patches of course) on how to implement signing of > the config are welcome of course. > > cu > Heiko > > Quoting Philippe Marzouk <ph...@oz...>: > > On Tue, Nov 09, 2010 at 02:53:26PM -0600, Heiko Zuerker wrote: > >> Hello DL Community! > >> > >> it took forever, but 1.4 is finally released! > >> Get it from the usual places... > >> > > > > This is great news, congratulations! > > > > I see no way to verify the tar.bz2 files have not been tampered with > > since you created them. > > > > Can you add at the minimum some md5 and or sha1 checksum along ? Even > > better if you could add some GPG signature. > > > > Philippe > > > > ------------------------------------------------------------------------------ > > The Next 800 Companies to Lead America's Growth: New Video Whitepaper > > David G. Thomson, author of the best-selling book "Blueprint to a > > Billion" shares his insights and actions to help propel your > > business during the next growth cycle. Listen Now! > > http://p.sf.net/sfu/SAP-dev2dev > > _______________________________________________ > > Devil-linux-discuss mailing list > > Dev...@li... > > https://lists.sourceforge.net/lists/listinfo/devil-linux-discuss > > > > |
