Le dimanche 24 octobre 2004 à 20:40 -0700, Andrew Farris a écrit :
On Sun, 2004-10-24 at 22:15 -0500, Ian Pilcher wrote:
> AMAZING POWERS OF OBSERVATION wrote:
> > Official messages from the Red Hat security team are never sent
> > unsolicited, are always sent from the address
> > secalert(a)redhat.com, and are digitally signed by GPG. All
> > official updates for Red Hat products are digitally signed and
> > should not be installed unless they are correctly signed and the
> > signature is verified..."
>
> Too bad rawhide updates often *are* unsigned.
Which is chiefly why you're supposed to keep it off critical systems..
My personal computer (which run FC3 since FC3T2) is a "critical system".
Not you ?
Every one here know that rawhide can be completely buggy. It's not a
reason to tolerate security hole.
that and the not-so-rare its-completely-borked-again occurrences.
It
would certainly be nice to have them all come signed however.
Yes.