Re: Time for new release?




> 
> However: Distributing a pacman keychain master key to more than one machine is
> rarely a sensible solution. If you actually want the very specific additional
> security checks offered by only allowing signed packages, you must ensure a
> properly secured master key with a diligently confirmed web of trust. If the
> private master key, which is being generated with --init, leaks, it is trivial
> for a hypothetical attacker to directly sign manipulated packages with this
> key, which basically invalidates the security benefit signed packages are
> supposed to offer.

Good point, I thought about this one too, but what about automatic `pacman-key --init` at install time? This would solve the problem, no?
