Subject: Re: proposals for running named in a non-root chroot cage
To: Andrew Brown <atatat@atatdot.net>
From: Steven M. Bellovin <smb@research.att.com>
List: tech-security
Date: 03/08/2001 21:11:11

In message <20010308210820.A27418@noc.untraceable.net>, Andrew Brown writes:
>>>>>> - change the build system to populate /var/named/ by default
>>>>>> (with named-xfer, the example etc/namedb, ...)
>>>>>...named-xfer would be installed in /var/named/usr/libexec/named-xfer
>>>>>and a symlink would be put at /usr/libexec/named-xfer?
>>>>
>>>> or, every time before named startup, copy /usr/libexec/named-xfer
>>>> into /var/named/usr/libexec/named-xfer.
>>>
>>>that might be a bit heavy. running cmp (or diff) would be heavier,
>>>but checking that the mtime and size were the same (if copied with -p)
>>>would probably be sufficient.
>>
>>Those are easy to fake. Run md5 on it, and compare to the stored md5
>>checksum of the original.
>
>true. but running md5 on the old one and the new one would be more
>expensive than a simple cp. perhaps cp is the way to go...
>
That's why I specified "the stored md5 checksum" of the old one -- so
that you don't have to do it each time.
But your basic point is, in fact, correct -- this is a rare operation
for most people; there's no reason to add complexity to optimize
something that's so rare.
--Steve Bellovin, http://www.research.att.com/~smb
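
The check discussed in this thread, as an added example that is not part of the original message or of any NetBSD script: a same-size replacement with its mtime reset passes the size/mtime comparison but fails the comparison against a stored md5. The helper names, the temporary paths and the stand-in "binary" are all assumptions made for the illustration.

```shell
#!/bin/sh
# Added example; helper names and all paths are hypothetical.

# MD5 of a file: md5sum on Linux, md5 -q on the BSDs.
digest() {
    if command -v md5sum >/dev/null 2>&1; then
        md5sum < "$1" | cut -d' ' -f1
    else
        md5 -q "$1"
    fi
}

# The cheap check: same size and same mtime (what cp -p preserves).
same_size_mtime() {
    [ "$(wc -c < "$1")" -eq "$(wc -c < "$2")" ] &&
        [ ! "$1" -nt "$2" ] && [ ! "$2" -nt "$1" ]
}

# Hash the original once, at install time. Assumption: the digest file
# lives outside the cage, so nothing running inside it can rewrite it.
record_digest() { digest "$1" > "$2"; }

# Startup check: hash only the caged copy, compare with the stored value.
copy_is_genuine() {
    [ -f "$1" ] && [ "$(digest "$1")" = "$(cat "$2")" ]
}

# Re-copy only when the caged copy is missing or fails the check.
refresh_copy() {  # usage: refresh_copy ORIGINAL COPY DIGEST_FILE
    if copy_is_genuine "$2" "$3"; then
        echo ok
    else
        cp -p "$1" "$2" && echo restored
    fi
}

# Constructed demonstration in a scratch directory.
demo() {
    d=$(mktemp -d) || return 1
    printf 'genuine named-xfer\n' > "$d/orig"   # constructed stand-in binary
    record_digest "$d/orig" "$d/orig.md5"
    cp -p "$d/orig" "$d/copy"
    printf 'patched named-xfer\n' > "$d/copy"   # same length, different bytes
    touch -r "$d/orig" "$d/copy"                # reset mtime to the original's
    if same_size_mtime "$d/orig" "$d/copy"; then echo "size+mtime: pass"; else echo "size+mtime: fail"; fi
    if copy_is_genuine "$d/copy" "$d/orig.md5"; then echo "md5: pass"; else echo "md5: fail"; fi
    refresh_copy "$d/orig" "$d/copy" "$d/orig.md5"
    rm -rf "$d"
}
demo
```

The stored digest has to be recorded again whenever the original is upgraded; the unconditional copy at startup that the thread settles on has no such state to maintain.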