[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: rpm --import



Hi.

Jay Turner <jkt redhat com> wrote:

> Security.  It's generally a good idea to validate that the key you're
> adding to the keyring is really the one that you think it is, and if
> this keyring addition were done automatically, then someone could switch
> out the keys, thus a malicious key would be automatically added to the
> keyring. Things start to go downhill from that point.

Well, I generally have to trust the media I install from anyway, so what
is the point in treating a single file different from all the others?


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]