Re: Up2date and SysAdmin auth.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
Subject: Re: Up2date and SysAdmin auth.
From: Stanley Allely <eod76@xxxxxxxxx>
Date: Tue, 10 Aug 2004 04:58:21 -0600
In-reply-to: <1607.12.29.16.103.1092084964.squirrel@[12.29.16.103]>
References: <[email protected]> <1092058251.29614.38.camel@lathe> <[email protected]> <1092082173.29614.90.camel@lathe> <1607.12.29.16.103.1092084964.squirrel@[12.29.16.103]>
Reply-to: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.2) Gecko/20040803

William Hooper wrote:
The RPMs are signed with the Fedora GPG key.  If you choose to configure your system to not check it, then you might have a problem.

So the weak points in the update process are:
1. repository compromise 2. session hijacking 3. packet injection/spoofing


All fixed by configuring up2date and/or yum to verify GPG signatures.

Does the default up2date verify the signatures or do I need to do some tweaking? If so, what do I do? Thanks Stan

Follow-Ups:
- Re: Up2date and SysAdmin auth.
  - From: William Hooper

References:
- Up2date and SysAdmin auth.
  - From: Stanley Allely
- Re: Up2date and SysAdmin auth.
  - From: Scot L. Harris
- Re: Up2date and SysAdmin auth.
  - From: Stanley Allely
- Re: Up2date and SysAdmin auth.
  - From: Scot L. Harris
- Re: Up2date and SysAdmin auth.
  - From: William Hooper

Prev by Date: Re: problems with lock screen
Next by Date: The best Live CD
Previous by thread: Re: Up2date and SysAdmin auth.
Next by thread: Re: Up2date and SysAdmin auth.
Index(es):
- Date
- Thread

[Index of Archives] [Current Fedora Users] [Fedora Desktop] [Fedora SELinux] [Yosemite News] [Yosemite Photos] [KDE Users] [Fedora Tools] [Fedora Docs]