hughsient at gmail.com
Mon Apr 14 07:46:04 PDT 2008
On Mon, 2008-04-14 at 09:59 -0400, Matthias Clasen wrote:
> If we are in agreement that none of update-system, update-package,
> install-package or install-file should allow installing untrusted (ie
> either unsigned or signed with an untrusted key) packages, this should
> be clearly documented somewhere.
Well, I think that we only have to limit install-file to installing GPG
files - we then make the assumption that we don't get dns spoofed and
the mirror gets attacked.
> Why do we need InstallFileUnsigned when we can already do the "GPG
> dance" ?
Well, some packagers don't sign their packages (myself as an example)
although that might be a good way to start enforcing people like me to!
More information about the PackageKit