Adam Williamson <awilliam@xxxxxxxxxx> writes: > I do not see how that's relevant, frankly. For it to be relevant it > would have to be true to state that, if you need root privileges to > install signed packages, it's absolutely no problem if a signed package > is evil. Obviously, that's not at all true. An evil 'trusted' package > would be a Very Bad Thing in any case. Whether you need to be root to > install a trusted package or not is entirely orthogonal, as far as I can > see. Really? You are talking about changing "the local administrator trusts *this* package" to "the local administrator trusts whoever has the signing key for Fedora to decide which packages should be installed". -- Arnaud -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
