Re: Local users get to play root?

On Wed, 2009-11-18 at 14:49 -0800, Adam Williamson wrote:
> On Wed, 2009-11-18 at 10:52 -0800, Jesse Keating wrote:
> > On Wed, 2009-11-18 at 13:22 -0500, James Antill wrote:
> > > 
> > > 7. And the most obvious one ... how hard is it to get a bad package into
> > > one of the repos. that the machine has enabled. 
> > 
> > Right, PK is counting on this being sufficiently difficult enough to
> > prevent bad things from happening.  While I'd like to think that, and
> > would like to say that, I can't.
> 
> I do not see how that's relevant, frankly. For it to be relevant it
> would have to be true to state that, if you need root privileges to
> install signed packages, it's absolutely no problem if a signed package
> is evil. Obviously, that's not at all true. An evil 'trusted' package
> would be a Very Bad Thing in any case. Whether you need to be root to
> install a trusted package or not is entirely orthogonal, as far as I can
> see.
> 
> -- 
> Adam Williamson
> Fedora QA Community Monkey
> IRC: adamw | Fedora Talk: adamwill AT fedoraproject DOT org
> http://www.happyassassin.net
> 

I'd like to point out that there are trusted packages that I wouldn't
want my users downloading.  John is a good example but there are others.

Anyone requested that CVE yet?

--Eric

-- 
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
