Re: Fedora News Updates #1

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wednesday 07 January 2004 11:12, Rui Miguel Seabra wrote:

> I hope Fedora News stops instructing newbies to use root for anything
> (including making RPMS from software obtained without any checks).
>
> If people start getting used to do it, pretty soon now we'll have
> viruses. No, seriously.

This is the tip of an iceberg.  For example, how many binary RPMs have we 
installed on our machines, signed or unsigned?  Its possible that the 
signer's machines were compromised, or upstream sources attacked and then the 
results signed... and we have to install RPMs as root, so the scripts inside 
them run as root... for unsigned RPMs you are forced to trust the packager's 
good faith.

- -Andy
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQE/++/qjKeDCxMJCTIRApweAJ9+UwnZP+gc0NVkoRDGUarjiBLmVgCfZ6EG
QWaHjsYnjrVBeUB20cJoHpg=
=lxXF
-----END PGP SIGNATURE-----




[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux