Should Fedora rpms be signed?
Matias Féliciano
feliciano.matias at free.fr
Tue Oct 26 12:34:07 UTC 2004
Le mardi 26 octobre 2004 à 08:25 -0400, William Hooper a écrit :
> nodata said:
> > A recent scam involving fake updates to Fedora has highlighted the lack
> > of signed RPMs for Fedora Core.
>
> How? Would it make you feel better if the fake updates had installed a
> signature first?
Impossible. gpg check is done _before_ installing the package.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Ceci est une partie de message
=?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e?=
Url : http://lists.fedoraproject.org/pipermail/test/attachments/20041026/7c64fc0e/attachment.bin
More information about the test
mailing list