On Sun, Jul 08, 2001 at 10:35:14PM -0500, steve wrote:
I've been installing a few ports (great tool btw), and I've noticed
that typing 'make install' in an app directory will perform an md5
checksum to verify that the download is legit and not corrupt. Is there
anything similar done when using cvsup? Is there anyway to verify that
the ports collection update that I'm receiving through cvsup is legit
and not "trojaned" or altered in some other way?
Note to all on the list: please resist the temptation to offer
suggestions for how cvsup could be improved to achieve this unless
they're in the form of patches. We all know how to do it, but the
code needs to be written.