[Subject Prev][Subject Next][Thread Prev][Thread Next][Subject Index][Thread Index]
Re: Re: setting up mirrors
Pavan K Balellugari rearranged electrons thusly:
> Comments in-line
Ditto
> for huge files p2p is the worst. but for patchs &
> upgrades it quite usefull.
Excellent. However, most ftp mirrors also give you the md5sum and sign the
packages with the developer's PGP key, which can be verified. On a p2p level,
this vital safety net is missing.
> this i guess could happen from anywhere. Code
> obtained from anywhere is unsafe. P2P might give
> another vehicle for this, but i guess could be
> avoided. Also, i am quite confident with Linux
> Security.
Confident abt linux security when you can trust that you are running bind, and
not some rooted modification of bind.
> i guess currently Gnutella & other open source P2P
> s/w doesn't give u resume or segmented download
> support. I was suggesting that we could see if we
> could add more code.. just a try..
That's one thing which has to be implemented. But I'd personally not accept
any system binaries / tarballs sent across such a medium. MP3s etc, OK, fine :)
--suresh
--
Suresh Ramasubramanian <--> mallet <at> efn <dot> org
EMail Sturmbannfuhrer, Lower Middle Class Unix Sysadmin