Re: new isos?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 2008-09-09 at 19:56 +0530, Rahul Sundaram wrote:
> Frode Petersen wrote:
> > I can't remember having seen them mentioned in the info about the 
> > ongoing repackaging, so just to get it confirmed: Will the isos also be 
> > repackaged with new keys (inside the image, if relevant, and for the 
> > download)?
> 
> No. This was mentioned in one of the announcements.
=> Anybody installing Fedora from iso will have the "seemingly
compromised gpg key" installed in his rpm-database.
=> There will be a time-window during which such systems will be
receptive to compromised packages.

This window could have been avoided by using a new gpg-key.

Of cause, this actually does change much, because if the gpg-key should
have been compromised, all existing installations of FC8/9 currently are
receptive to such compromised packages.

Ralf






-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux