> On 11 May 2015, at 16:00, peter dalgaard <pda...@gmail.com> wrote:
>
>> On 11 May 2015, at 15:53 , Duncan Murdoch <murdoch.dun...@gmail.com> wrote:
>>
>> On 11/05/2015 9:35 AM, Tal Galili wrote:
>>> Hi Duncan,
>>> Thank you for the clarification. :)
>>>
>>> I ended up removing these files from being scanned in the updated version
>>> of installr. I would rather focus on supporting an MD5 scan that is based
>>> on what is listed in MD5 file itself (ignoring exceptions that are not
>>> clearly stated in the file).
>>
>> I'm not sure what the purpose is of your test, but if it is to detect
>> modified files, that might not be a good strategy. A malicious agent could
>> install fake bin/R.exe or bin/Rscript.exe and not be caught.
>>
>> Of course, if they knew to modify those two files but not any others, they
>> would know enough to also install a fake MD5 file, and then there's
>> basically nothing you could do.
>>
>> Duncan
>
> As a general matter, checksumming is useless against tampering if you ship
> the checksums with the files (that's why I put the checksums in the release
> announcements: so that they travel along a different route to the user). If
> you do, they only make sense as safeguards against technical errors (such as
> the infamous CR/CRLF conversions).

And that (including unpacking errors by rogue unzip clients) is precisely what they are there in the binary packages for.

>
> I still don't get why Tal refuses to work out the apparently quite simple
> logic that decides which checksums should be used to check the installed
> R.exe and Rscript.exe.
>
> --
> Peter Dalgaard, Professor,
> Center for Statistics, Copenhagen Business School
> Solbjerg Plads 3, 2000 Frederiksberg, Denmark
> Phone: (+45)38153501
> Email: pd....@cbs.dk Priv: pda...@gmail.com
>
> ______________________________________________
> R-devel@r-project.org mailing list
> https://stat.ethz.ch/mailman/listinfo/r-devel
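
The distinction drawn in this thread, as an added example that is not part of the original messages or of installr: a check against a manifest shipped with the files catches a CR/CRLF conversion, but passes once the manifest is rewritten along with a file, while a manifest digest received by a different route still flags it. The md5sum-style manifest format, the SHA-256 pin, the function names and the file contents are assumptions constructed for the illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def digest(path, algo="md5"):
    return hashlib.new(algo, Path(path).read_bytes()).hexdigest()


def parse_manifest(text):
    """Parse md5sum-style lines '<hex> *<path>' (format is an assumption)."""
    pairs = (line.split(None, 1) for line in text.splitlines() if line.strip())
    return {name.strip().lstrip("*"): hexd.lower() for hexd, name in pairs}


def check_tree(root, pinned_sha256=None):
    """Return a list of problems (empty means pass). pinned_sha256 is the
    manifest digest received by a different route than the files."""
    root = Path(root)
    problems = []
    if pinned_sha256 and digest(root / "MD5", "sha256") != pinned_sha256:
        problems.append("MD5: manifest differs from out-of-band digest")
    for name, expected in parse_manifest((root / "MD5").read_text()).items():
        if not (root / name).is_file() or digest(root / name) != expected:
            problems.append(f"{name}: missing or checksum mismatch")
    return problems


def write_manifest(root, names):
    lines = [f"{digest(root / n)} *{n}\n" for n in names]
    (root / "MD5").write_text("".join(lines))


def demo():
    """Constructed tree: two small files standing in for an installation."""
    with tempfile.TemporaryDirectory() as tmp:
        root, names = Path(tmp), ["bin/R.exe", "NEWS"]
        (root / "bin").mkdir()
        (root / "bin/R.exe").write_bytes(b"original launcher")
        (root / "NEWS").write_bytes(b"one\ntwo\n")
        write_manifest(root, names)
        pin = digest(root / "MD5", "sha256")  # published separately
        clean = check_tree(root, pin)
        (root / "NEWS").write_bytes(b"one\r\ntwo\r\n")  # CR/CRLF conversion
        accidental = check_tree(root)
        (root / "NEWS").write_bytes(b"one\ntwo\n")
        (root / "bin/R.exe").write_bytes(b"replaced launcher")
        write_manifest(root, names)  # manifest rewritten to match
        return clean, accidental, check_tree(root), check_tree(root, pin)
```

`demo()` returns four result lists: the clean tree, the CR/CRLF case, the modified tree checked only against its own manifest, and the same tree checked with the pinned digest.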