On 11/18/2009 05:36 PM, Colin Walters wrote:
On Wed, Nov 18, 2009 at 5:18 PM, Jeff Garzik<jgarzik(a)pobox.com>
wrote:
>
> You forget we have botnets doing distributed cracking now.
But...if you've cracked the root password, there are rather easier
(and less audited) routes to trojaning the system than adding a third
party yum repository and downloading your malicious RPM.
I am talking about cracking signing keys, not root passwords.
Jeff