15 Sep
2007
15 Sep
'07
6:28 p.m.
D G wrote:
Why not include an MD5 hash in the DB? When you first download the javascript, it takes an MD5 hash of the file(s) and stores them in the database. Every cron, it checks. If they are not the same, it re-downloads.
Interesting idea, that. It's a step, though the db can also be compromised, if the md5 is re-downloaded regularly that can be mitigated somewhat. That actually does have some merit to it (and it's pretty much why yum and apt-get are trustworthy).