On Wed, 2013-01-30 at 16:08 -0800, Joe Zeff wrote: > On 01/30/2013 03:02 PM, Raf Roger wrote: > > it helps me to installed everything as i wanted and it works well. > > Good. Please note that I only suggested that option because I trust > rpmfusion. Unless you're sure it's safe, it's probably better not to > try it, especially with an obscure third-party repo. ---- sort of an uninformed opinion offered to solve a problem (which indeed worked) and by not understanding the risks involved, you couldn't properly note the risks to the person you were advising. You should install the repo key on your system prior to ever installing packages. If you import the key, you don't have this problem. Instructions are on rpmfusion.org website for this purpose. Yum's 'nogpgcheck' option bypasses the signature requirement on packages which means that you could install packages from anyone claiming to be rpmfusion.org. It is relatively simple to poison someone's DNS and direct them to some other repo so while you trust rpmfusion.org, you are also trusting your DNS not to lie to you. Craig -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
