Feature changed by: Marcus Meissner (msmeissn) Feature #306508, revision 2 Title: external checksum for supplied files openSUSE-11.2: New Priority Requester: Desirable + Requested by: Elmar Stellnberger ATK (estellnb) Requested by: Marcus Meissner (msmeissn) Description: (on behalf of Elmar Stellnberger) I would appreciate the OpenSuse-project to keep sha-1s/md5sums of all valid files as other professional OS vendors do (Microsoft, Apple). I believe the effort to implement this would not be too high; the creation of an automatic cheksum list could be implemented in the build service (see also: https://bugzilla.novell.com/show_bug.cgi?id=491193). To me keeping such a list is the only way to verify that a system is clean because in my case attackers succeeded to alter the checksum table of the rpm database (rootkit was additionally not found by any antivirus sw i.e. clamav, norton, chkrootkit, etc.). Without such a checksum table I had to recreate a plain installation by hand (i.e. some self written script) by redownloading exactly the same realease and package versions from the same source as they had been drawn originally from in order to compare both roots: very cumbersome, laborious (about 2000 packages) and error prone; some packages from Packman differed although they were of same version, release and download URL; others were not available any more. I believe maintaining such a checksum table would be a true win for the Opensuse project in means of security and error reporting. Relations: - provide boot cd to md5sum core system files (novell/bugzilla/id: 491193) https://bugzilla.novell.com/show_bug.cgi?id=491193 -- openSUSE Feature: https://features.opensuse.org/306508