Mail Archives: cygwin/2000/07/07/22:26:36
Thanks for claryfing this. Is there a simple utility in cygwin to confirm
the validity using the md5? what unix command can I use?
/dave
-----Original Message-----
From: DJ Delorie <dj AT delorie DOT com>
To: avr_fan AT mailandnews DOT com <avr_fan AT mailandnews DOT com>
Cc: cygwin AT sourceware DOT cygnus DOT com <cygwin AT sourceware DOT cygnus DOT com>
Date: Friday, July 07, 2000 7:06 PM
Subject: Re: missing tsort in textutils.tar.gz
>
>> What about the mirror sites are they also trusted and certified to
>> be virus scanned etc?
>
>First off, sourceware includes MD5 files that you can use to verify
>that packages have been transferred from sourceware to the mirror to
>you.
>
>Second, most mirror sites are running Unix, not Windows, and are much
>less likely to be infected anyway.
>
>Third, virii that *can* infect those Unix sites would not be the types
>of viruses that could infect Cygwin executables inside .tar.gz files.
>
>Fourth, mirror site maintainers are much more likely to be actively
>securing their machines against attacks.
>
>> What about some of the sites like http://cygutils.netpedia.net/ etc?
>> are they trusted/certified too?
>
>Sites, like people, *earn* trust. We can't just give it to them, nor
>can we certify them. We only administer the cygwin archives on
>sourceware; that's all we can attest to. If you want to know what
>other sites use for procedures, you must ask them directly.
--
Want to unsubscribe from this list?
Send a message to cygwin-unsubscribe AT sourceware DOT cygnus DOT com
- Raw text -