Windows has a signature system which allows you to make sure that an executable hasn't been modified after it has been signed. I used to use this as a security measure in Windows.
Does linux have such a system which allows developers to put signatures in executables and .debs so that the user can verify them? So, for example some one gives me a modified version of a program. I can see if the programs signature is valid or if it has a signature in the first place.
Best Answer
Software that is in the repositories does not really need a signature. We can assume that the software coming from those can be trusted.
But it is possible to check it through its md5 checksum. Launchpad page on MD5 checksum step 2: