Les Mikesell wrote:
But we do know that a large number of DNS servers are still vulnerable to spoofing. How do you know that what you think was an official mirror delivering your rpm update wasn't an imposter, spoofed in DNS.
You're absolutely right, but if I assume we're talking about RHEL infrastructure, in this case the attacker has to spoof the up2date's/yum's RHN certificate, too.
-- BÉRES László RHCE, RHCX senior IT engineer, trainer Red Hat, Fedora, CentOS, SELinux: http://sys-admin.hu -- fedora-list mailing list [email protected] To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list