[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: "File Type" Buddy for Fedora 9?



Andrew Parker wrote:
repositories (a la yum) for the database.  then files that couldn't be
opened by fedora rpms could be provided by other "repos".

This would open fedora to all types of security problems because the fedoraproject is not able to control/vet/modify external repos - and hence this capability is specifically disallowed in the fedora packaging process.

Having the current setup where a user goes to a web site, installs a x-release rpm, and then needs to accepting import of the repo's signing key means that it is the user who needs to decide whether they can trust repo x {which could do _anything_ on their machine}.

DaveT.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]