Re: insecurity/threat of rpm, urpmi, apt-get installs?

From: kavol (kavol_no_at_spam_email.cz)
Date: 10/15/04


Date: Fri, 15 Oct 2004 10:47:30 +0200


> The Debian packages that you install are not signed. (This is related to
> complicated reasons involving the multiple machines and automated
> processes that produce these .debs. The situation may change in the
> future.)

thanks, I was not aware of this - I thought that the debian packaging has
the signing capability and that it is used automatically
... and since I am going to maintain one Debian based system, it is quite
important info (considering the fact that Debian download servers were
hacked in the past ...)

kavol