[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: Package XYZ is not signed

From: nodata <lsof nodata co uk>
To: Development discussions related to Fedora <fedora-devel-list redhat com>
Subject: Re: Package XYZ is not signed
Date: Sun, 28 Oct 2007 18:22:07 +0100

Am Donnerstag, den 25.10.2007, 22:51 -0400 schrieb Will Woods:
> This has been discussed a bunch of times already. Rawhide packages
> aren't signed. This is intentional.

That's nice. So I'll stop testing rawhide now because I don't know where
the packages are from. Conveniently jumping off and on the security
bandwagon at different stages in the release is a bit churlish.

It only takes one malicious unsigned package to be installed for the box
to be compromised, and nothing will protect against that.

Come on though, we have auto-signing now, what was the killer reason for
unsigned rpms?

Follow-Ups:
- Re: Package XYZ is not signed
  - From: Toshio Kuratomi
- Re: Package XYZ is not signed
  - From: Andrew Farris

References:
- Package XYZ is not signed
  - From: yonas Abraham
- Re: Package XYZ is not signed
  - From: Will Woods

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]