On Thu, Jan 04, 2007 at 08:31:45AM +0200, Peter Philipp wrote:
> On Wed, Jan 03, 2007 at 05:18:13PM -0700, Theo de Raadt wrote:
> > > I have a slight problem trying to compile a program on an i386 box that
> > > has
> > > 3.9 installed. The box until recently ran 4.0-beta but I installed the
> > > base packages as well as comp.tgz from the 3.9 on it. It now runs on a
> > > 3.9
> > > kernel as well. However I have this problem, when I compile I get this
> > > message:
> >
> > You cannot go backwards.
> >
> > We've said so many times before, and it it rather obvious! You CANNOT
> > go backwards because we are always building newer interfaces.
>
> Ok, I'll have to get another snapshot then, until I purchase 4.x. Question
> for you and openbsd, there is a mirror at my provider
> ftp://ftp.freenet.de/pub/ftp.openbsd.org/pub/OpenBSD and so on. Does the
> OpenBSD project periodically cross-check for any possible trojans in these
> mirrors?
I'm fairly certain that is not the case.
> Would you recommend getting the CKSUM and MD5 files periodically (and through
> other ISP's) to make sure that what one gets is really genuine? I know I'm
> often an idiot and often paranoia and mistrust have the upper hand, so how
> can I feel better about such a thing? I value your kind words.
This is, indeed, paranoia. Getting CKSUM and MD5 from different,
(somewhat) trusted sources should usually be sufficient. (I.e., using
ftp.openbsd.org for everything causes unnecessary load; but pulling
CKSUM and MD5 should be fine.)
You might also consider options like AFS, although it's rather likely
the AFS cells themselves pull via FTP...
> (the latest funny thing I had happen to my 4.0-beta was that on the local
> ftpd an mget on the ftp client failed with the error "read-only filesystem",
> which to me was interesting and discouraging since an mget would hardly write
> to disk right? This message only happened once, after that ftpd would spit
> back i/o error or something similar. I hardly have the time to check every
> source code and binary myself so I accepted what happened there and left it
> for the new year, this was on the local home LAN (non-wifi although there is
> wifi access)).
This should be unrelated.
Joachim
