FS#67610 - Save file hashes in packages and the local database
Attached to Project:
Pacman
Opened by Dragoon Aethis (DragoonAethis) - Sunday, 16 August 2020, 20:01 GMT
Last edited by Andrew Gregory (andrewgregory) - Saturday, 22 August 2020, 02:33 GMT
Opened by Dragoon Aethis (DragoonAethis) - Sunday, 16 August 2020, 20:01 GMT
Last edited by Andrew Gregory (andrewgregory) - Saturday, 22 August 2020, 02:33 GMT
|
Details
Currently, the local database contains the desc file
(mostly/the same as in the synced databases) and a list of
files + mtree of a given package. It'd be nice to also
include hashes of each file provided by those packages. This
would enable users to verify if the files on disk are
consistent with the original package content and to find all
changes compared to a fresh system with the same installed
package list. (It's not a security improvement though, as
any potentially malicious program that could overwrite
root-owned package files can also overwrite hashes in the
local database.)
|
This task depends upon
Closed by Andrew Gregory (andrewgregory)
Saturday, 22 August 2020, 02:33 GMT
Reason for closing: None
Saturday, 22 August 2020, 02:33 GMT
Reason for closing: None
pacman -S pacutils && paccheck --md5sum --sha256sum [<package-to-check> ...]