[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: rpm --import

From: Jay Turner <jkt redhat com>
To: Development discussions related to Fedora Core <fedora-devel-list redhat com>
Subject: Re: rpm --import
Date: Fri, 7 Jan 2005 07:21:11 -0500

On Fri, Jan 07, 2005 at 12:09:52PM +0100, Ralf Ertzinger wrote:
> Florin Andrei <florin andrei myip org> wrote:
> 
> > One thing that i noticed the newbies get confused with is the "rpm --
> > import (blah)GPG-KEY" trick that has to be done after installing a new
> > system.
> 
> I'm sure there is a good reason why the keys are not imported by the installer
> by default, would someone be so kind to tell me why?

Security.  It's generally a good idea to validate that the key you're
adding to the keyring is really the one that you think it is, and if this
keyring addition were done automatically, then someone could switch out the
keys, thus a malicious key would be automatically added to the keyring.
Things start to go downhill from that point.

- jkt

-- 
--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*
Jay Turner, QA Technical Lead      jkt redhat com             Red Hat, Inc. 

            If I had only known, I would have been a locksmith.
                                                   - Albert Einstein

Follow-Ups:
- Re: rpm --import
  - From: Ralf Ertzinger
- Re: rpm --import
  - From: Tyler Larson

References:
- rpm --import
  - From: Florin Andrei
- Re: rpm --import
  - From: Ralf Ertzinger

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]