Skip site navigation (1) Skip section navigation (2)

Re: location of md5 files ...

From: Dave Page <dpage(at)pgadmin(dot)org>
To: Josh Berkus <josh(at)postgresql(dot)org>
Cc: PostgreSQL www <pgsql-www(at)postgresql(dot)org>
Subject: Re: location of md5 files ...
Date: 2009-12-14 19:59:16
Message-ID: (view raw or whole thread)
Lists: pgsql-www
On Mon, Dec 14, 2009 at 7:23 PM, Josh Berkus <josh(at)postgresql(dot)org> wrote:
> WWW team,
> Does Otto have a point?

Yes. From a security perspective, the md5's are useless when
distributed alongside the binaries. That's why I GPG sign my releases
of pgAdmin and the MSI installer - noone else can recreate those

There is potentially some benefit to having them there to allow the
user to verify they have a good download though, for example, in the
event of an error untarring.

Dave Page
EnterpriseDB UK:

In response to

pgsql-www by date

Next:From: Magnus HaganderDate: 2009-12-14 19:59:24
Subject: Re: location of md5 files ...
Previous:From: Josh BerkusDate: 2009-12-14 19:23:18
Subject: location of md5 files ...

Privacy Policy | About PostgreSQL
Copyright © 1996-2015 The PostgreSQL Global Development Group