On 29.04.21 at 15:36, Michal Suchánek wrote:
> On Thu, Apr 29, 2021 at 03:26:34PM +0200, cagsm wrote:
>> On Thu, Apr 29, 2021 at 8:52 AM dieter wrote:
>>> There exists a bug for it: https://bugzilla.opensuse.org/show_bug.cgi?id=1184326
>>
>> Okay thank you a lot for pointing to this bug. Wondering now though, if my system is theoretically or in the actual sense completely compromised for real or virtually. I observed the dup process. I checked with lsof what the zypper was doing, and I have seen lsof | grep zypper a lot of network entries, where it connected to those mirror brained servers but via http, the ip address or hostname and the :80 (http) at the end of the line was given, to the service (webserver) the zypper connected and fetched all those rpm files.

The repositories in /etc/zypp/repos.d should really contain "baseurl=" entries with an encrypted protocol, i.e. https:// instead of http:// _per default_. It is of course easy to change that manually, after the event. But I guess nobody remembers to do so. Most mirrors support https, and the ones not doing so should simply be dropped.

Cheers,
Manfred
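
Added example, not part of the original thread: a shell function that lists the repositories in /etc/zypp/repos.d whose "baseurl=" entry uses a cleartext scheme (http:// or ftp://), so they can be switched to https://. The function name `audit_repos`, the tab-separated output and the choice to skip repositories marked `enabled=0` are assumptions of this example.

```shell
#!/bin/sh
# Added example: report zypper repos whose baseurl is fetched in cleartext.
# Output: one line per finding, "file<TAB>alias<TAB>url".
audit_repos() {
    dir=${1:-/etc/zypp/repos.d}
    for f in "$dir"/*.repo; do
        [ -f "$f" ] || continue            # glob matched nothing
        awk -v file="$f" '
            # Print the section collected so far if it is a finding.
            function report() {
                if (alias != "" && enabled != "0" &&
                    tolower(url) ~ /^(http|ftp):\/\//)
                    printf "%s\t%s\t%s\n", file, alias, url
            }
            /^[ \t]*[#;]/ { next }                     # comment line
            /^[ \t]*\[.*\][ \t]*$/ {                   # new [alias] section
                report()
                alias = $0
                gsub(/^[ \t]*\[|\][ \t]*$/, "", alias)
                enabled = ""; url = ""
                next
            }
            {
                eq = index($0, "=")
                if (eq == 0) next
                key = substr($0, 1, eq - 1)
                val = substr($0, eq + 1)
                gsub(/^[ \t]+|[ \t]+$/, "", key)
                gsub(/^[ \t]+|[ \t]+$/, "", val)
                if (key == "enabled") enabled = val
                if (key == "baseurl" && url == "") url = val   # first URL only
            }
            END { report() }
        ' "$f"
    done
    return 0
}

# Stand-alone use: audit the given directory, or /etc/zypp/repos.d by default.
audit_repos "$@"
```

An empty result means every enabled repository definition already uses an encrypted baseurl.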