On Mon, August 22, 2005 3:06 pm, Michael Schwendt said:
With emphasis on "_securely_".
Just like you don't want to click a link and see an .exe file execute and
start downloading and installing something, you don't want automated
installation of Yum repositories. _Any_ repository out there could add
itself to your configuration with a single click and provide packages
which replace Core files. Adding real security in this area requires much
more than asking the user for confirmation. For now, adding Yum repo
entries with something like "rpm -ivh
http://.../foo-release-4-1.noarch.rpm"
and letting Yum install the included GPG key should be easy enough even if
it implies that some users probably trust some repositories blindly,
because those users focus on simplicity instead of security.
Would be nice to avoid the need for the command line. Wouldn't a simple
popup having a boilerplate warning and the description extracted from the
rpm be sufficient? If not, what else is needed? Remember this is about
generic rpm installation of any program, not just rpms containing repo
entries. I suppose there should be a more verbose warning message if the
rpm isn't signed with a trusted key but beyond that how much more "secure"
can you make it?
Sean