On Mon, 2002-11-11 at 17:06, Seedkum Aladeem wrote: > Hi, > > I was trying to install an rpm package using the software installer that came > with LM9.0 and its KDE gui. Using Konqueror, I right clicked on the rpm > package on the source ftp site then I selected "software installer" from the > pop-up window. A short while later I got this message "No GPG signature in > package. Do you want to install anyway?" I was trying to install the > following package: > ftp://icarus.com/pub/eda/verilog/v0.6/RPMS/verilog-0.6-0.i386.rpm > How dangerous is it to go ahead with the install? > > Thanx, > > Seedkum > OH MY GOD - IT COULD BE HORRIBLY DANGEROUS! (Not!) Having the GPG sig is only really reassurance that it's not been messed with by anyone but the author (or packager)...so by installing it without the GPG sig, you're just assuming that the package is "alright" and sticking it on your system FAITHFULLY...I personally don't think that a "script kiddie" is going to muck around with an RPM...that is, IF a "script kiddie" even knew what an RPM was in the first place...
-- Mon Nov 11 22:40:00 EST 2002 -------------------------------- | __ __ | | / \ /| |'-. | | .\__/ || | | | | _ / `._ \|_|_.-' | | | / \__.`=._) (_ |kuhn media australia | |/ ._/ |"""""""""| |http://kma.0catch.com | |'. `\ | | |stephen kuhn | ;"""/ / | | |email: [EMAIL PROTECTED] | smk ) /_/| |.-------.| |mobile: 0410-728-389 | ' `-`' " " | -------------------------------- I hope you millionaires are having fun! I just invested half your life savings in yeast!!
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
