[Slackbuilds-users] sha256sum instead of md5sum?

David Spencer baildon.research at googlemail.com
Sat Apr 18 07:34:50 UTC 2015

IMO the main reason for supporting sha256sum would be for avoiding bad
publicity if someone out there starts an anti-md5sum witch hunt.

In the real world there are two big checksum problems. The first
problem is upstream, where some of them see nothing wrong in repacking
or amending tarballs. This directly causes the other problem, where
end users have been trained by bad upstreams to not check, or just
carry on if the md5sum is wrong.

In these circumstances, SBo's choice of md5sum is not the weakest link!

Some READMEs already mention unversioned downloads that are known to
change, and it might help the third party tools to avoid corrupting
the fragile minds of end users if this was somehow encoded in the
.info file e.g. MD5SUM="no". But that would need far, far too much

(too modest to mention a third party slackbuild tool that already
supports sha256sum)

More information about the SlackBuilds-users mailing list