[packagekit] Signed packages again again
David Zeuthen
david at fubar.dk
Thu Nov 15 14:52:37 PST 2007
On Thu, 2007-11-15 at 22:44 +0000, Richard Hughes wrote:
> > Probably yum legends can comment on how hard this is to check?
>
> Well, we have to check all the things it depends on; for instance if we
> have to install an unsigned package as a dep to a signed package is that
> unsigned or signed?
I think if just one of the packages that is part of the transaction is
untrusted, the whole transaction would be untrusted, yes?
David
More information about the PackageKit
mailing list