Re: FC5 Boot Issue?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



jdow wrote:

> Thou art righteously screwed, Mr. Jim.
> 
> 5.0 is not released yet. You MAY have a hacked nasty-tool on your system.

MAY is a bit different from the certainty of a righteous screwing.  I
seriously doubt he should be more worried than you or I on a previous
Fedora release.

> Poor sucker. (At fedora's site at RedHat.com the FC 5 directory is not
> world readable yet.)

To be fair, when you install anything you MAY be installing something
bad, no matter if you got it from RHAT.  They get their sources from
other projects and I seriously doubt someone line-by-lines them after
download.  There continue to be attempts by bad people to backdoor
upstream project sources, including the kernel itself, in ways that are
hard to detect.  We happily assume that every attempt known about is
indeed every attempt.

It seems to be a bit of a tradition that FCx leaks a little early after
it is finalized but while the mirrors are sync'd, and as somebody noted
the SHA-1s are signed with a RHAT key.  However if it were me I would
download the thing but not install it until I checked the SHA-1s after
RHAT release, that way you at least optimized out the download time in
the most likely case it is genuine.

-Andy

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux