That's part of it, yeah! Does anaconda in fact verify the signatures? RPM
doesn't do it by default, anaconda would need to run 'rpm --checksig'.
The other piece that needs to be checked is the install image that's
downloaded by the 'loader' program, netstg1 or whatever it's called, and
maybe an updates.img, if one exists. Oh, yeah, then there's the comps,
hdlist, hdlist2 files.
No point in building steel doors if the walls are made of wet toilet paper.
I want a complete solution that is secure from start to finish.
Thanks!
John
----- Original Message -----
> [...]
> I think having the installer check the signatures would be a better answer
> to the paranoia, yeah?
>
>
> --
> Matthew Miller mattdm@xxxxxxxxxx <http://www.mattdm.org/>
> Boston University Linux ------> <http://linux.bu.edu/>
>
