> Rpm actually already verifies signatures _if present_ by default since 4.0 or 
> thereabouts, but it doesn't _require_ them. Enforcing is supported since >= 
> 4.14.2 and we also have the bypass-switch (--nosignature) already, so from a
> strict technical perspective this is just a matter of a one-line change to turn
> the policy switch to 11 (`%_pkgverify_level all`).
> 
> The only thing stopping us is that it breaks the workflow of installing your 
> own local builds - you need to sign or use --nosignature to install. For 
> everything else this is 20 years too late already. As the average user is not
> even affected at all... maybe the folks who build packages can be expected to 
> deal with a little extra configuration to make the rest of the world that 
> much safer.

Agreed.  Those who build packages can generate their own signing keys.  
Personally, I would consider being able to disable this on a per-package basis 
a good idea, but it isn’t a blocker.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/1573#issuecomment-798172203
_______________________________________________
Rpm-maint mailing list
Rpm-maint@lists.rpm.org
http://lists.rpm.org/mailman/listinfo/rpm-maint