Duncan Findlay wrote:
On Fri, Dec 16, 2005 at 03:10:10PM -0800, Justin Mason wrote:
a question that Henry put to me -- should sa-updates of the main ruleset
mandate that GPG verification be used?
Otherwise an attacker that rooted the download server (or a mirror) could
put out faked updates, which would be automatically downloaded by
thousands of servers.
I'm not sure it should be "required" since users could just manually
download it and stick it in the right place and requiring it would be
an inconvenience then, but "strongly recommended unless you give
sa-update the --yes-im-crazy-and-dont-want-to-use-gpg option".*
I'd agree with this. GPG required by default, but with a flag to
workaround it if you *really* want to.
Warren Togami
[EMAIL PROTECTED]
