Hi! Do urpmi/rpmdrake check the gpg key and warn the user if a package is not signed (by MandrakeSoft)? IIRC the old MandrakeUpdate did this.
But now we have in fact several packages in cooker which are NOT signed (e.g. gnome-vfs-1.0.4-4mdk.i586.rpm and xmms-more-vis-plugins-1.5.0-2mdk.i586.rpm) and all of them where installed in my system without a warning. BTW: only checking for a valid gpg signature is imho not enough. The user should be able to configure who he wants to trust. All packages not signed by someone he trusts should at least generate a warning. -- Michael Reinsch <[EMAIL PROTECTED]> http://mr.uue.org ------------------------------------------------------------------------
