How secure is Preupgrade? Answer: Not.
Beartooth Sciurivore
beartooth at swva.net
Wed May 21 17:05:13 UTC 2008
On Wed, 21 May 2008 00:27:17 +0200, Björn Persson wrote:
> I went ahead and read the code. [....]
>
> I've got my answer: Preupgrade is not secure. I'll continue upgrading
> the way I've done it before – either with Yum or from a DVD image on a
> USB stick.
Dumb question, probably : if you install and run preupgrade
according to http://fedoraproject.org/wiki/PreUpgrade, BUT let it stop
after downloading boot images, is there some user-friendly thing you can
do then to make it secure? Something on the order of getting into a
directory and commanding, in effect, "check all signatures"?
Or had we just better wait till PreUpgrade 1.0 comes out? Or ...?
If the latter, do we need to get rid of whatever-all 0.9.3-3
downloaded? Or will we be able to just "yum update PreUpgrade" in F8 and
then run it again?
--
Beartooth Staffwright, Not Quite Clueless Power User
C5; D4; F8&9; P3; U8.4; Alpine 1.10, Pan 0.132; Privoxy 3
Remember I know little (precious little!) of where up is.
More information about the fedora-list
mailing list