(Jul 20 2005 10:00) Christian Haugan Toldnes wrote: > > Anyway, you are right about 1 thing. It should be possible to configure > a key-url in each site section of the swup.conf of the system, letting > swup grab the missing key if the verification of the signature fails. I > have to think about possible security implications this may have.
The key-url stuff obviously has security implications that I cannot ignore. However, smaller changes was possible. I have made a rather small change so that when a non-root user invokes swup for the first time, the public key ring of the systems swup gpg directory is copied to the users swup gpg directory, thus letting the user run swup without gpg error without key management. This update will be part of next sync. c -- Christian H. Toldnes Trustix Developer _______________________________________________ tsl-discuss mailing list [email protected] http://lists.trustix.org/mailman/listinfo/tsl-discuss
