[linux-elitists] [RANT] Debian the Elitist Distribution?

Aaron Lehmann aaronl@vitelus.com
Sun Feb 15 12:54:30 PST 2004


On Sun, Feb 15, 2004 at 12:36:18PM -0800, Rick Moen wrote:
> Release files are in turn signed by the master package-releasing
> program's gpg key, and the hash stored in Release.gpg in the same
> directory.  If you're utterly paranoid, you can configure your system
> checks _that_ signature against the debian-keyring set.

In fact, apt 0.6 in experimental defaults to performing this check (as
well as checking the md5sums of the packages, of course).



More information about the linux-elitists mailing list