Is it possible to have Kickstart verify digital signatures on RPMs during the installation process?
We want to have a kickstart server that serves several different network tiers, however, our security team is concerned that if an attacker were to get onto the system, they could replace some of the RPM's with his own and each time a new system was kickstarted, would have the bogus RPM.
--
sh
