On 22/08/07, Jesse Keating jkeating@redhat.com wrote:
Also it's easy enough to install some piece of software off the net that drops a yum repo file in place and starts handing you packages from another repo. You should get the opportunity to confirm your trust in this repo before it starts replacing all kinds of packages in your system. (now said packages that drop a repo file could just as easily set gpgcheck=no and bypass all the trust issues, but that's neither here nor there)
I think it is very important actually. If a malicious package is putting files in random places as the root user (installing a package manually using rpm) then we've essentially lost security on the system as far as I'm concerned.
You could take this argument one step further and a malicious package could be designed to patch yum/rpm to not do the gpg checks.
Richard.
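An added example, not part of either message above: a small audit that reads yum repo files and reports enabled repositories whose packages would be installed without a GPG signature check, the `gpgcheck=no` case raised in the thread. The function name, the constructed sample file and the `main_gpgcheck` default are assumptions made for this illustration.

```python
import configparser
import glob

# Spellings yum-style configs accept for "off" (the thread writes gpgcheck=no).
OFF = {"0", "no", "false", "off"}

def audit_repo_text(text, source="<inline>", main_gpgcheck=False):
    """Return (source, repo_id, reason) for enabled repos that skip GPG checks."""
    # main_gpgcheck (assumption): the [main] default a repo inherits when unset.
    parser = configparser.ConfigParser(interpolation=None, strict=False)
    parser.read_string(text, source=source)
    findings = []
    for repo_id in [s for s in parser.sections() if s != "main"]:
        repo = parser[repo_id]
        if repo.get("enabled", fallback="1").strip().lower() in OFF:
            continue  # a disabled repo hands out no packages
        value = repo.get("gpgcheck")
        if value is None and not main_gpgcheck:
            findings.append((source, repo_id, "gpgcheck unset, inherits off"))
        elif value is not None and value.strip().lower() in OFF:
            findings.append((source, repo_id, "gpgcheck=" + value.strip()))
    return findings

# Constructed sample repo file, not taken from any real repository.
SAMPLE = """\
[thirdparty]
name=Third-party repo dropped by an installer
baseurl=http://repo.example.invalid/$releasever/$basearch/
enabled=1
gpgcheck=no

[signed]
name=Repo with signature checks on
gpgcheck=1

[parked]
name=Unsigned but disabled
enabled=0
gpgcheck=0

[implicit]
name=No gpgcheck line at all
"""

if __name__ == "__main__":
    for path in sorted(glob.glob("/etc/yum.repos.d/*.repo")):
        with open(path) as fh:
            for finding in audit_repo_text(fh.read(), source=path):
                print(*finding, sep="\t")
```

For a flagged file, `rpm -qf` on its path shows which installed package, if any, owns it.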