Subject: Re: RelCache (aka ELF prebinding) news
To: None <tech-userlevel@netbsd.org>
From: None <kpneal@pobox.com>
List: tech-userlevel
Date: 12/01/2002 23:30:37
On Sun, Dec 01, 2002 at 11:22:09PM -0500, Perry E. Metzger wrote:
>
> Bang Jun-Young <junyoung@netbsd.org> writes:
> > > In that case, what is the point of using an MD5 checksum? A random number
> > > of the same length would serve equally well.
> >
> > Since MD5 checksum is known to have very good distribution (i.e. a lot less
> > hash collision), it's the safest method to check for validity of the file.
>
> No. Thor is absolutely correct. There is no advantage to an MD5
> checksum of the file over any random function yielding 128 bits if you
> do not check the hash later on. There is no need for a hash.
Ok, I'll ask a stupid question:
If the unique identifier for the executable (and libraries?) is generated
at prebind time (or link time) then the time required to generated
this ID should be small but isn't a critical issue. Why does it matter
if the ID is generated with MD5 or CRC or pid_uid_time or whatever?
--
Kevin P. Neal http://www.pobox.com/~kpn/
'Concerns about "rights" and "ownership" of domains are inappropriate.
It is appropriate to be concerned about "responsibilities" and "service"
to the community.' -- RFC 1591, page 4: March 1994