On Wed, 2012-08-29 at 15:02 +0200, Joakim Hernberg wrote:
On Wed, 29 Aug 2012 12:52:22 +0100 Kevin Chadwick <ma1l1ists@yahoo.co.uk> wrote:
Don't you need to sign it too? I would
?
Signing a package you build for yourself, knowing that it's a dummy, without a source and even if there should be a source, why signing this package. Is this an UEFI thingy?
Sarcasm lost in translation ;).
If you would be signing it locally for one system then I see why you think of sarcasm but otherwise pacman should be configured to stop on a non-signed package install. p.s. I wasn't being sarcastic about the JS package, polkit now has javascript based config files! and as I don't use it I see no point installing extra code and an attacker familiar package that I won't use. Conversely there is little point putting any effort into it as it's not important, so you saved me a cruder quick hack. Regards, Kc -- _______________________________________________________________________ 'Write programs that do one thing and do it well. Write programs to work together. Write programs to handle text streams, because that is a universal interface' (Doug McIlroy) _______________________________________________________________________