On 06/21/2016 08:43 PM, Ed Greshko wrote:
Generally speaking, yes. But considering the flux rpmfusion is in
these days and I deemed
the risk rather low.
I'll admit that the risk is hypothetical, but what does rpmfusion's flux
have to do with the risk of allowing unsigned packages?
(Bearing in mind, that flag is global. You told dnf to ignore
signatures for all package, on all repos.)