As I recall, what you state below is similar in sentiment to response/s
when I noted the "same" comment concerning Princeton EL in the past. I
take it from your response no one in the larger EL community (including
HPC/HTC) shares the Princeton "sentiment" and that there is no "basis in
data/fact" for it? At that time, we decided to deploy SL; CentOS Stream
however totally is unsatisfactory for our needs.
On 12/14/20 1:10 PM, Konstantin Olchanski wrote:
and ... CentOS RPMs are not 100% safe ...
This is a very unexpected statement. I feel it should not be passed
unquestioned.
Is there any meat there or it's just a general statement on the security
of the CentOS build process vs the security of the Red Hat build process
vs the security of the Princeton build process? (including signatures of source
code,
signatures of binary packages, security of the mirror network, etc).
