Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id ; Wed, 23 Oct 2002 18:42:21 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id ; Wed, 23 Oct 2002 18:42:21 -0400 Received: from jstevenson.plus.com ([212.159.71.212]:18987 "EHLO alpha.stev.org") by vger.kernel.org with ESMTP id ; Wed, 23 Oct 2002 18:42:18 -0400 Subject: Re: One for the Security Guru's From: James Stevenson To: jamesclv@us.ibm.com Cc: Gilad Ben-ossef , Linux Kernel Mailing List In-Reply-To: <200210231539.43167.jamesclv@us.ibm.com> References: <20021023130251.GF25422@rdlg.net> <200210231514.07192.jamesclv@us.ibm.com> <1035411422.5377.11.camel@god.stev.org> <200210231539.43167.jamesclv@us.ibm.com> Content-Type: text/plain Content-Transfer-Encoding: 7bit X-Mailer: Ximian Evolution 1.0.3 (1.0.3-6) Date: 23 Oct 2002 23:44:17 +0100 Message-Id: <1035413057.4357.14.camel@god.stev.org> Mime-Version: 1.0 Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 910 Lines: 21 > Third, if they don't do it already, I'd like kpackage, gnorpm, and similar > tools to always check signatures before loading a package. (And, for the GPG > public keys used to have come with trust signatures from the installation > CD.) That would really help with all the newbies to *nix coming on board > now. dont most of thoose only use a shared libary which would mean 1 file overwrite and disable all. Though rpm i know is normally static. > PS: If you don't trust your gpg or rpm, boot off install CD # 1, switch to a > text console, and use the ones on the CD. QED. :^) heh by the time you dont trust it. Its normally time to reinstall. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/