This is the mail archive of the
cygwin@sources.redhat.com
mailing list for the Cygwin project.
Re: missing tsort in textutils.tar.gz
- To: "DJ Delorie" <dj at delorie dot com>
- Subject: Re: missing tsort in textutils.tar.gz
- From: "Dave Arnold" <avr_fan at nettaxi dot com>
- Date: Fri, 7 Jul 2000 19:23:41 -0700
- Cc: <cygwin at sourceware dot cygnus dot com>
- Reply-To: "Dave Arnold" <avr_fan at mailandnews dot com>
Thanks for claryfing this. Is there a simple utility in cygwin to confirm
the validity using the md5? what unix command can I use?
/dave
-----Original Message-----
From: DJ Delorie <dj@delorie.com>
To: avr_fan@mailandnews.com <avr_fan@mailandnews.com>
Cc: cygwin@sourceware.cygnus.com <cygwin@sourceware.cygnus.com>
Date: Friday, July 07, 2000 7:06 PM
Subject: Re: missing tsort in textutils.tar.gz
>
>> What about the mirror sites are they also trusted and certified to
>> be virus scanned etc?
>
>First off, sourceware includes MD5 files that you can use to verify
>that packages have been transferred from sourceware to the mirror to
>you.
>
>Second, most mirror sites are running Unix, not Windows, and are much
>less likely to be infected anyway.
>
>Third, virii that *can* infect those Unix sites would not be the types
>of viruses that could infect Cygwin executables inside .tar.gz files.
>
>Fourth, mirror site maintainers are much more likely to be actively
>securing their machines against attacks.
>
>> What about some of the sites like http://cygutils.netpedia.net/ etc?
>> are they trusted/certified too?
>
>Sites, like people, *earn* trust. We can't just give it to them, nor
>can we certify them. We only administer the cygwin archives on
>sourceware; that's all we can attest to. If you want to know what
>other sites use for procedures, you must ask them directly.
--
Want to unsubscribe from this list?
Send a message to cygwin-unsubscribe@sourceware.cygnus.com