FS#9548 - Add crypto signatures to pacman packages
Attached to Project:
Pacman
Opened by Damjan Georgievski (damjan) - Tuesday, 12 February 2008, 16:40 GMT
Last edited by Dan McGee (toofishes) - Tuesday, 12 February 2008, 17:02 GMT
Opened by Damjan Georgievski (damjan) - Tuesday, 12 February 2008, 16:40 GMT
Last edited by Dan McGee (toofishes) - Tuesday, 12 February 2008, 17:02 GMT
|
Details
I think one of the most important features Pacman lacks is
the support for cryptographic package signatures.
As it is now, any malicious or compromised mirror could tamper with the packages. I think this problem is well understood and the sollutions are present in at least apt-get, rpm and slapt-get so it wouldn't be too hard to implement it. |
This task depends upon
Closed by Dan McGee (toofishes)
Tuesday, 12 February 2008, 17:02 GMT
Reason for closing: Duplicate
Additional comments about closing: Dupe of FS#5331
.
"..it wouldn't be too hard to implement it." Really? Patches welcome.
Tuesday, 12 February 2008, 17:02 GMT
Reason for closing: Duplicate
Additional comments about closing: Dupe of
"..it wouldn't be too hard to implement it." Really? Patches welcome.