On Tue, 2003-11-25 at 05:12, Timothy Ha wrote: > Thank you! > > I still have some questions (not doubts): With thrilling stories like > someone break into Linux kernel source, how do you guarant the quality > of the repositories? Security updates, system tools and so on are there. > > Will Redhat be some guarantee to all these things? Not necessarily, but... The packages are all signed with GPG if they are officially part of the Fedora project. Your up2date/apt/yum should be configured to check these signatures before installing anything, and to scream "bloody-blue murder" if they are not correctly signed. You should be able to find the official keys and and explanation of their uses here: http://fedora.redhat.com/about/security/ -- Chris Kloiber Red Hat, Inc.
