Should Fedora rpms be signed?
Matias Féliciano
feliciano.matias at free.fr
Tue Oct 26 12:34:07 UTC 2004
Le mardi 26 octobre 2004 à 08:25 -0400, William Hooper a écrit :
> nodata said:
> > A recent scam involving fake updates to Fedora has highlighted the lack
> > of signed RPMs for Fedora Core.
>
> How? Would it make you feel better if the fake updates had installed a
> signature first?
Impossible. gpg check is done _before_ installing the package.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Ceci est une partie de message num?riquement sign?e
URL: <http://listman.redhat.com/archives/fedora-test-list/attachments/20041026/7c64fc0e/attachment.sig>
More information about the fedora-test-list
mailing list