'Yiyi50' via qubes-users: > I'm running qubes 4.0 on a Purism Librem 13 v4. I've installed updates for my > templates without necessarily reading everything in the terminal before > clicking "y". How concerned should I be of having inadvertently installed an > unsigned package? Is there a command i can run to check the signatures on all > my installed packages? I should mention that I'm relatively new to linux and > qubes. How common is the installation of unsigned packages in Fedora or > Debian? Does the qubes team audit/review all template updates? > If you haven't gone out of your way to add repos to your templates, you would be using the default repos, which require signed packages. Your chances are basically nil. No-one from Qubes audits updates that are not from Qubes (with the possible exception here or there for security critical ones like Xen); that is up to the maintainers of packages in each distribution (Fedora/Debian).
-- - don't top post Mailing list etiquette: - trim quoted reply to only relevant portions - when possible, copy and paste text instead of screenshots -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/a15600bc-54f0-cdbe-2aa4-6debc0ce3a40%40danwin1210.me.
