On 22/08/07, Jesse Keating <jkeating(a)redhat.com> wrote:
Also it's easy enough to install some piece of software off the
net
that drops a yum repo file in place and starts handing you packages
from another repo. You should get the opportunity to confirm your
trust in this repo before it starts replacing all kinds of packages in
your system..
(now said packages that drop a repo file could just easily set
gpgcheck=no and bypass all the trust issues, but that's neither here
nor there)
I think it is very important actually. If a malicious package is
putting files in random places as the root user (installing a package
manually using rpm) then we've essentially lost security on the system
as far as I'm concerned.
You could take this argument one step further and a malicious package
could be designed to patch yum/rpm to not do the gpg checks.
Richard.