Digitally signed RPMs in Kickstart
Chris Lumens
clumens at redhat.com
Wed Mar 21 19:43:34 UTC 2007
> Is it possible to have Kickstart verify digital signatures on RPMs
> during the installation process?
>
> We want to have a kickstart server that serves several different network
> tiers, however, our security team is concerned that if an attacker were
> to get onto the system, they could replace some of the RPM's with his
> own and each time a new system was kickstarted, would have the bogus
> RPM.
Nope. See the very old bug:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=998
- Chris
More information about the Kickstart-list
mailing list