[Server-devel] rpm installation via customization stick
Sridhar Dhanapalan
sridhar at laptop.org.au
Tue May 10 10:01:42 EDT 2011
On 10 May 2011 23:09, Reuben K. Caron <reuben at laptop.org> wrote:
>
> On May 10, 2011, at 6:14 AM, Sridhar Dhanapalan wrote:
>
> Can we make it so that it only installs signed RPMs? Would that help?
>
> I signed manifest which includes a list of files would probably be more
> feasible as you wouldn't have to alter the RPMs.
Good point.
However, I was thinking along more simplistic lines. We could have
have it so that one can only install RPMs signed with a signature[0]
that is present in the RPM database. This would allow users to add
their own RPMs, but prevent 'unofficial' ones from being installed.
Sridhar
[0] https://fedoraproject.org/keys
More information about the Server-devel
mailing list