Re: How secure is Preupgrade?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: For users of Fedora <fedora-list@xxxxxxxxxx>
Subject: Re: How secure is Preupgrade?
From: Rahul Sundaram <sundaram@xxxxxxxxxxxxxxxxx>
Date: Tue, 20 May 2008 04:54:08 +0530
In-reply-to: <200805200050.37249@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Organization: Red Hat
References: <200805200050.37249@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Reply-to: For users of Fedora <fedora-list@xxxxxxxxxx>
User-agent: Thunderbird 2.0.0.14 (X11/20080501)

Björn Persson wrote:

Preupgrade is clearly a good idea. There's just one thing with how it'simplemented that I'm wondering about: What does it do to check the files itdownloads for malicious tampering?

Preupgrade is essentially a wrapper around yum. Yum has gpg signaturesupport and it does check the keys used while building the packages whenit is installing them by default just like it does on any regularinstallations or upgrades of packages. Anaconda merely is picking up theupdates from your local hard disk after preupgrade in combination withyum has downloaded them.


Rahul

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

References:
- How secure is Preupgrade?
  - From: Björn Persson

Prev by Date: Re: F7 Motherboard change
Next by Date: Re: F9: .procmailrc ignored
Previous by thread: How secure is Preupgrade?
Next by thread: Re: How secure is Preupgrade?
Index(es):
- Date
- Thread

[Index of Archives] [Current Fedora Users] [Fedora Desktop] [Fedora SELinux] [Yosemite News] [Yosemite Photos] [KDE Users] [Fedora Tools] [Fedora Docs]

Powered by Linux