yum.conf shipped with 1.0
Chris Ricker
kaboom at gatech.edu
Tue Oct 28 14:06:28 UTC 2003
On Tue, 28 Oct 2003, Dave Jones wrote:
> On Tue, Oct 28, 2003 at 05:07:11AM -0500, Alan Cox wrote:
>
> > update-daemon queries DNS to get a TXT value to the 'current'
> > bittorrent seed set (DNS is a nice scalable
> > mechanism to distribute the regularly queried info)
>
> + check gpg signature of signed TXT ?
>
> Would this be sufficient against the possibilities of DNS poisoning?
As long as packages themselves are always signed, DNS attacks don't really
matter, since Trojans will be caught anyway
later,
chris
who's well aware that packages aren't always signed, however ;-)
More information about the fedora-devel-list
mailing list