Historical bug tracker for the Pacman package manager.
The pacman bug tracker has moved to gitlab:
https://gitlab.archlinux.org/pacman/pacman/-/issues
This tracker remains open for interaction with historical bugs during the transition period. Any new bugs reports will be closed without further action.
The pacman bug tracker has moved to gitlab:
https://gitlab.archlinux.org/pacman/pacman/-/issues
This tracker remains open for interaction with historical bugs during the transition period. Any new bugs reports will be closed without further action.
FS#9548 - Add crypto signatures to pacman packages
Attached to Project:
Pacman
Opened by Damjan Georgievski (damjan) - Tuesday, 12 February 2008, 16:40 GMT
Last edited by Dan McGee (toofishes) - Tuesday, 12 February 2008, 17:02 GMT
Opened by Damjan Georgievski (damjan) - Tuesday, 12 February 2008, 16:40 GMT
Last edited by Dan McGee (toofishes) - Tuesday, 12 February 2008, 17:02 GMT
|
DetailsI think one of the most important features Pacman lacks is the support for cryptographic package signatures.
As it is now, any malicious or compromised mirror could tamper with the packages. I think this problem is well understood and the sollutions are present in at least apt-get, rpm and slapt-get so it wouldn't be too hard to implement it. |
This task depends upon
Closed by Dan McGee (toofishes)
Tuesday, 12 February 2008, 17:02 GMT
Reason for closing: Duplicate
Additional comments about closing: Dupe of FS#5331
.
"..it wouldn't be too hard to implement it." Really? Patches welcome.
Tuesday, 12 February 2008, 17:02 GMT
Reason for closing: Duplicate
Additional comments about closing: Dupe of
"..it wouldn't be too hard to implement it." Really? Patches welcome.