'Yiyi50' via qubes-users:
> I'm running qubes 4.0 on a Purism Librem 13 v4. I've installed updates for my 
> templates without necessarily reading everything in the terminal before 
> clicking "y". How concerned should I be of having inadvertently installed an 
> unsigned package? Is there a command i can run to check the signatures on all 
> my installed packages? I should mention that I'm relatively new to linux and 
> qubes. How common is the installation of unsigned packages in Fedora or 
> Debian? Does the qubes team audit/review all template updates?
If you haven't gone out of your way to add repos to your templates, you
would be using the default repos, which require signed packages. Your
chances are basically nil. No-one from Qubes audits updates that are not
from Qubes (with the possible exception here or there for security
critical ones like Xen); that is up to the maintainers of packages in
each distribution (Fedora/Debian).

- don't top post
Mailing list etiquette:
- trim quoted reply to only relevant portions
- when possible, copy and paste text instead of screenshots

You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 

Reply via email to