The Following User Says Thank You to zimon For This Useful Post: | ||
|
2010-03-31
, 19:22
|
Posts: 540 |
Thanked: 288 times |
Joined on Sep 2009
|
#42
|
That is one of the many reasons why DEB packages should be required to have embedded GPG signature of a packager
The Following User Says Thank You to rambo For This Useful Post: | ||
|
2010-03-31
, 23:25
|
|
Posts: 2,535 |
Thanked: 6,681 times |
Joined on Mar 2008
@ UK
|
#43
|
That is one of the many reasons why DEB packages should be required to have embedded GPG signature of a packager, like RPM-packages. If the packager is the same as the developer, even better.
The Following User Says Thank You to Jaffa For This Useful Post: | ||
|
2010-03-31
, 23:57
|
Posts: 1,341 |
Thanked: 708 times |
Joined on Feb 2010
|
#44
|
With Extras we know who uploaded it (not to the extent of a GPG signature, but at least to the extent of a username/password or SSH key) through the user of authenticated Extras Upload Assistant or scp/dput with pre-registered SSH key.
Not in the same league, of course, but almost certainly Good Enough (for now).
|
2010-04-01
, 08:24
|
Posts: 9 |
Thanked: 0 times |
Joined on Nov 2007
|
#45
|
|
2010-04-01
, 09:03
|
Posts: 436 |
Thanked: 298 times |
Joined on Jan 2010
@ England
|
#46
|
|
2010-04-04
, 02:16
|
Posts: 1,427 |
Thanked: 2,077 times |
Joined on Aug 2009
@ Sydney
|
#47
|
Tags |
dangerous, devel, testing |
Thread Tools | |
|
http://manpages.ubuntu.com/manpages/...ebsigs.1p.html