On Thu, Mar 7, 2013 at 10:34 PM, R. Mattes <rm@email-addr-hidden-freiburg.de> wrote:
>
> Which distribution _doesn't_ sign it's packages? What code is weakly protected?
> Even most major download/DVCS sites use secure communication channels these days
> (https). The problem is the naive asumption that self-compiled code would be more
> secure. Not a Linux problem, I'd say ...
Smaller distros don't necessary sign packages (mine, Arch, started
doing it relatively recently). The implicit 'trust-the-dev' still
applies though, even with signing.
_______________________________________________
Linux-audio-user mailing list
Linux-audio-user@email-addr-hidden
http://lists.linuxaudio.org/listinfo/linux-audio-user
Received on Fri Mar 8 04:15:01 2013
This archive was generated by hypermail 2.1.8 : Fri Mar 08 2013 - 04:15:02 EET