Nicolas Mailhot wrote:
>
> Le Jeu 10 janvier 2013 20:41, Adam Jackson a écrit :
>
>> For the same reason Firefox doesn't automatically accept self-signed SSL
>> certs, and the same reason that ssh doesn't automatically accept new
>> host keys: it'd be creating trust from thin air.
>
> Checking packages are signed by the same key as the installer when yum
> happily trawls half the internet to find mirrors managed by god knows who
> is not thin air security. Right now the only thing that could make our
> installation process more laughably insecure is lapping an 'own me' label
> on one of anaconda's install screens.
>
> Sure checking signature would not be perfect security, but your argument
> is akin to removing airbags from cars that do not have an abs to 'avoid
> creating a false sense of security'
+1
Signature checking against a key in the ISO is definitely an improvement
over no signature checking at all, no Restricted Boot needed.
Kevin Kofler
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
