Subject: | |
From: | |
Reply To: | |
Date: | Fri, 13 Nov 2009 18:58:26 -0800 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
On Fri, Nov 13, 2009 at 04:26:15PM +0100, Gianni Pucciani wrote:
> Hello,
> I noticed that the package jdk-1.6.0_16-fcs.x86_64.rpm is not signed
>
> I solved removing gpgcheck=1 from the sl.repo file which has by default:
>
I hope you restored gpgcheck=1 after installing the java rpms.
Without gpgcheck=1 evil hackers own your machines by the next morning, by hijacking
the DNS entry of your SL mirror (or by 100 other easy to do hacks).
I have been complaining about this for years, but I guess people who were
never owned by evil hackers do not take such stuff seriously.
K.O.
> [sl-base]
> name=SL 5 base
> baseurl=http://linuxsoft.cern.ch/scientific/5x/$basearch/SL
> http://ftp.scientificlinux.org/linux/scientific/5x/$basearch/SL
> http://ftp1.scientificlinux.org/linux/scientific/5x/$basearch/SL
> #mirrorlist=ftp://ftp.scientificlinux.org/linux/scientific/mirrorlist/sl-base-5x.txt
> enabled=1
> gpgcheck=1
> # To use priorities you must have yum-priorities installed
> priority=10
> gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-sl
> file:///etc/pki/rpm-gpg/RPM-GPG-KEY-sl5
> file:///etc/pki/rpm-gpg/RPM-GPG-KEY-csieh
> file:///etc/pki/rpm-gpg/RPM-GPG-KEY-dawson
> file:///etc/pki/rpm-gpg/RPM-GPG-KEY-jpolok
> file:///etc/pki/rpm-gpg/RPM-GPG-KEY-cern
> file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5
>
>
> Do you know why that package is not signed? I was not getting this error
> before.
> Thanks
>
> Regards,
> Gianni Pucciani
--
Konstantin Olchanski
Data Acquisition Systems: The Bytes Must Flow!
Email: olchansk-at-triumf-dot-ca
Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
|
|
|