[pmwiki-users] Infected Cookbook Recipes?

Randy Brown randy at brownragfilms.com
Mon Sep 22 09:13:58 CDT 2008

Another idea would be to review and then hash scripts now and then -  
for example at times of major releases. Doesn't necessarily have to be  
the script author who does this. Recipes would keep the most recent  
scrutinized version available for download. An official recipe  
installer would then ensure that the scripts in the "last scrutinized  
release" hash correctly. That might protect a significant number of  
people who would choose to be safe. The fewer who might download a  
virus, the less of a target the scripts would be. One downside to this  
approach is that it would retard adoption of the last version of  
scripts. But you'd have to compare that to the chilling consequences  
that the discovery of a virus would have on the adoption rate.

I wonder how other projects handle this problem. Maybe Pmwiki has it  
because it's so oriented to customization.


On Sep 22, 2008, at 2:49 AM, Hans wrote:

> Monday, September 22, 2008, 12:15:22 AM, Neil Herber (nospam) wrote:
>> I suppose authors could post an MD5 hash of the cookbook item,
> ... I would not like this extra work.

More information about the pmwiki-users mailing list