Re: rpm libuser-devel is not signed

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Thursday, April 21, 2011 07:56:27 AM John Hodrien wrote:
> If people think that disabling gpg checking is a good idea, you risk this
> finding its way into their yum.conf.  That's exactly what you've seen amongst
> some spacewalk users.

FWIW, there are some out there who don't even think unsigned packages are a problem.  As an extreme example of this, recently I saw on LinuxToday where there was a thread in an archlinux list about signed packages; most of the devs didn't consider them a priority.  At all.

One reason arch won't be in production here any time soon.

Unless you know exactly what you are doing and the full ramifications of doing it you should never disable gpgcheck, since mirrors can be hacked.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos


[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux