Re: How are Fedora RPM packagess verified in RPMFusion buildsys?
On Wed, Jan 13, 2010 at 08:19:21AM -0600, Rex Dieter wrote:
mock typically does not verify keys (making the assumption that the
repos used internally are generally trusted implicitly).
Afaik, the default configuration of mock is to use it only on machines
very trustworthy people have access (i.e. anyone can acquire root) and
use it only to build throw-away or test packages, that are not intended
to be used on systems with security sensitive data. The default
configuration does not use any internal repos, but the default Fedora
repositories.
Regards
Till
Attachments:
- attachment.sig (application/pgp-signature — 836 bytes)