[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: Fedora Legacy advistory list is lacking

From: Dominic Hargreaves <dom earth li>
To: Discussion of the Fedora Legacy Project <fedora-legacy-list redhat com>
Subject: Re: Fedora Legacy advistory list is lacking
Date: Tue, 1 Mar 2005 15:25:44 +0000

On Tue, Mar 01, 2005 at 08:05:12AM -0500, Marc Deslauriers wrote:

> It should NOT be automated. Malicious people would be tempted to sent
> out fake advisories to get them automatically published to the web.
> Heck, they could even embed some php in them to try and compromise the
> server.
> 
> A manual yes/no is mandatory IMHO.

Well, gpg verify from a known builder of updates. But yes, I agree.
It would be nice if the known builders were able to publish to the web
site and push package updates to the download server, too, of course ;)

-- 
Dominic Hargreaves | http://www.larted.org.uk/~dom/
PGP key 5178E2A5 from the.earth.li (keyserver,web,email)

Follow-Ups:
- Re: Fedora Legacy advistory list is lacking
  - From: Eric Rostetter

References:
- Re: Fedora Legacy advistory list is lacking
  - From: Eric Rostetter
- Re: Fedora Legacy advistory list is lacking
  - From: Marc Deslauriers

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]