[Frugalware-devel] A few questions about Frugalware
Miklos Vajna
vmiklos at frugalware.org
Mon Mar 7 23:54:56 CET 2011
On Mon, Mar 07, 2011 at 05:24:19PM +0000, Ananda Samaddar <ananda.samaddar at newcastle.ac.uk> wrote:
> > Nope - at the moment we just store SHA1 of the packages, to avoid
> > accidental corruptions. Patches are welcome to improve that in
> > pacman-g2, it would not be too hard to use gpgv for this, if one needs
> > it.
>
> That's a real shame, the Arch Wiki says that you use a version of
> pacman that does support package signing. I'm afraid that this is the
> main reason I want to switch from Arch. Their security is not very
> good.
Please ask them to correct the info, then. Misleading anybody would be
bad, indeed.
> Unfortunately I am not a developer, just an 'advanced user' so I
> wouldn't be able to code anything myself.
TBH, While being able to fix issues yourself is nice, in most cases a
packager's life is more about building and testing than coding.
Thanks.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: </pipermail/attachments/20110307/49375fd0/attachment.asc>
More information about the Frugalware-devel
mailing list