Hi. The wiki states that database signatures for pacman are currently a work in progress. It's been that way for a long time, so I assume there is no "progress" happening. What is currently in the way of this much-needed security feature to be fully implemented? Right now, pacman is taking untrusted input from the internet as root. That's very bad. Most of the comments I've seen say that an attacker could hold back vulnerable packages, but this is assuming the attacker does not have bigger plans. The pacman tool is not immune to bugs in the way it parses the database files. It has no privilege separation in the download/parsing code as far as I can see (apt and others have had this for a long time) so it's really an even more dire situation. Pacman should not perform any operations as root until it has verified the signature of all files being used to install/upgrade the packages, but it currently does everything (downloading, verifying, etc) as root. I'd like to get a discussion going about how and when these two issues could be resolved so that all Arch users can be safer. Thanks.