sean finney on 9 Dec 2009 14:33:38 -0800

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] trusting linux packages

On Wed, Dec 09, 2009 at 03:12:42PM -0500, Greg Helledy wrote:
> Repositories where someone takes responsibility for what's there, like 
> and are (hopefully?) very different 
> from sites where "sk8-237" just uploaded his cool new screensaver, and 
> none of the other 2 users who've tried it have posted any complaints.

also note that both backports and debian-multimedia are signed repositories,
i.e. you can (a) verify that the packages are genuine and not modified by
someone other than the signer, and (b) inspect *who* the signer is, to
see if he/she is someone you want to trust with root privilege on your box.


Attachment: signature.asc
Description: Digital signature

Philadelphia Linux Users Group         --
Announcements -
General Discussion  --