Ian Pilcher writes:
Aleksey Nogin wrote:
I agree. As long as the short-circuited binary RPM has the correct "Source RPM" field value (e.g. something like "short-circuited") this should not create any problems even if the short-circuited RPM is accidentally (or maliciously) distributed.
Could such binary RPMs be made unsignable perhaps?
We are not talking about a closed source product.
The source code for RPM is widely available.
Go ahead, arrange to have these short-circuited binary RPMs unsigned, or flagged, or whatever.
It won't matter a hill of beans.
Someone will just make a custom build of rpm that generates binary rpms that will pass all apparent tests, even though they were hacked.