Re: [opensuse-factory] how secure is the opensuse packagemanager

ab wrote:

there seems to be some activity regarding package manager security issues: <http://www.cs.arizona.edu/people/justin/packagemanagersecurity/>

how secure is the opensuse way in the recent opensuse releases?

If you use http://download.opensuse.org/update/11.0/ as your update repository, then the metadata will be served directly, efectively avoiding the attack AFAICS. The mirrors will only be redirected to for rpm files. Michal --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org