Re: rpm libuser-devel is not signed

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

On Thu, 21 Apr 2011, Mathieu Baudier wrote:

> Sorry, but not everybody is on production machines.
>
> Since the OP could not analyze himself the error message, one could
> safely assume he is not dealing with critical production environments.
> Maybe he was just told: "install quickly this CentOS in VirtualBox,
> just to make sure our app is compatible", and in that case the sooner
> the better.
>
> My "advice" and those of others where underlying the security risk.
> The one of Akemi seems pretty safe (not installing the update).
>
> To put it shortly: Freedom, as in "free software", is about doing
> whatever you want.

Not updating is entirely sensible and sounds like the best default position.
Installing a package you'd expect to be signed when it isn't signed should
ring alarm bells.

Freedom includes being free to make poor decisions.

jh
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux