Re: kernel.org frontpage

From: Valdis.Kletnieks@vt.edu
Date: Wed Jan 29 2003 - 14:49:32 EST

Next message: Ed Vance: "RE: [Pcihpd-discuss] [RFC] Enhance CPCI Hot Swap driver"
Previous message: Alex Bligh - linux-kernel: "LKML I/O scheduling (was Re: Bootscreen [had to throw in 2 cents worth, sorry])"
In reply to: Russell King: "Re: kernel.org frontpage"
Next in thread: John Bradford: "Re: kernel.org frontpage"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 29 Jan 2003 19:37:50 GMT, Russell King said:

> I believe a script signs the files on ftp.kernel.org, which means the
> private key is on the master machine, probably without a pass phrase.
> That means that if the master server is compromised, its highly likely
> that a rogue file will have a correct signature.

OK.. I missed that part, and thought somebody was doing a check-and-balance
before files went out.

> The only way to be completely sure is for Linus to gpg-sign the patches
> himself at source with a known gpg key using a secure pass phrase before

Now there's a thought.. ;)

application/pgp-signature attachment: stored

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Ed Vance: "RE: [Pcihpd-discuss] [RFC] Enhance CPCI Hot Swap driver"
Previous message: Alex Bligh - linux-kernel: "LKML I/O scheduling (was Re: Bootscreen [had to throw in 2 cents worth, sorry])"
In reply to: Russell King: "Re: kernel.org frontpage"
Next in thread: John Bradford: "Re: kernel.org frontpage"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Fri Jan 31 2003 - 22:00:23 EST