Welcome to the Pacman bug tracker. Please search the current bugs and feature requests before filing a new one! Use advanced search and select "Search in Comments".
* Please select the correct category and version.
* Write a descriptive summary, background info, and provide a reproducible test case whenever possible.
* Please select the correct category and version.
* Write a descriptive summary, background info, and provide a reproducible test case whenever possible.
FS#9548 - Add crypto signatures to pacman packages
Attached to Project:
Pacman
Opened by Damjan Georgievski (damjan) - Tuesday, 12 February 2008, 16:40 GMT
Last edited by Dan McGee (toofishes) - Tuesday, 12 February 2008, 17:02 GMT
Opened by Damjan Georgievski (damjan) - Tuesday, 12 February 2008, 16:40 GMT
Last edited by Dan McGee (toofishes) - Tuesday, 12 February 2008, 17:02 GMT
|
DetailsI think one of the most important features Pacman lacks is the support for cryptographic package signatures.
As it is now, any malicious or compromised mirror could tamper with the packages. I think this problem is well understood and the sollutions are present in at least apt-get, rpm and slapt-get so it wouldn't be too hard to implement it. |
This task depends upon
Closed by Dan McGee (toofishes)
Tuesday, 12 February 2008, 17:02 GMT
Reason for closing: Duplicate
Additional comments about closing: Dupe of FS#5331
.
"..it wouldn't be too hard to implement it." Really? Patches welcome.
Tuesday, 12 February 2008, 17:02 GMT
Reason for closing: Duplicate
Additional comments about closing: Dupe of
"..it wouldn't be too hard to implement it." Really? Patches welcome.