On Sat, Nov 03, 2012 at 06:32:20PM -0600, Kevin Fenzi wrote: > So, I have been thinking about rawhide. > > I agree identifying the problems/issues would be good, and I think > there's something we can do to help with that: > > Get a nice group of at least 10 or so folks who are active on this list > to agree to run it full time on their main machine.
Rawhide is not intended to be used for anything important and with any security sensitive data because the used packages are not signed. Whenever I asked to get Rawhide packages signed I was also told that it is, because of Rawhide's use case. Everybody using Rawhide for example to maintainer Fedora packages is endangering the Fedora project. Nevertheless, I still believe it would be better if Fedora started to provide signed packages directly from Koji including Rawhide to end this problem. But looking at the current fedup code it seems that Fedora is going to be the first distribution that abandons package security more and more instead of trying to improve it. As far as I know starting with preupgrade doing insecure updates were promoted and now they are going to be made mandatory (except for the unsupported yum update method). Regards Till -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
