Closed #364.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/364#event-1469283490___
Rpm-maint mailing list
Yeah it's a bit strange - those "config files" are not supposed to be changed
then they're not really config files, are they? Anyway, commit
99887fec108110f0c85c060fcce48d13f807d058 added a mode where you can sign the
configs too if you so wish.
--
You are receiving this because you are
I have read #364, the basis of which is a belief that security policies like
ima should be set by the end user, not the packager.
An imperfect implementation in rpm to generate ima signatures that are invalid
when %config files are altered seems a pointless mechanism to generate useless
false
I have read #364, the basis of which is a belief that security policies like
ima should be set by the end user, not the packager.
An imperfect implementation in rpm to generate ima signatures that are invalid
when %config files are altered seems a pointless mechanism to generate useless
false
This PR https://github.com/rpm-software-management/rpm/pull/374 now addresses
the issue.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
A potential side-effect of having signatures applied to configuration files is
that the configuration files may be modified by the user or programs /
post-installation scripts and the signature on these files may become invalid
or be removed as part of the modification of the configuration
