----- Forwarded message from Ingenieria Informatica <heyom.student@gmail.com> -----
Date: Tue, 5 Nov 2013 22:40:18 +0100 From: Ingenieria Informatica <heyom.student@gmail.com> To: dreisner@archlinux.org, dan@archlinux.org, allan@archlinux.org Subject: Pacman Config File (SigLevel)
Hello, my name is Hamoud and I have a small question:
According to pacman.conf:
[options]
# By default, pacman accepts packages signed by keys that its local keyring # trusts (see pacman-key and its man page), as well as unsigned packages. SigLevel = Required TrustedOnly LocalFileSigLevel = Required TrustedOnly
I understand from the above that signatures will be required from both packages & databases AND If a signature is checked, it must be in the keyring and fully trusted; marginal trust does not meet this criteria.
Is that a valid configuration? because I only want to modify the option section as a default control of my packages/databases. I need to harden my system as much as possible specially with signature check (paranoid mode hehe)
Thank you very much in advance. :)
-- Regards
----- End forwarded message -----