[arch-general] Kernel.org compromised. Are Arch users safe?

Denis A. Altoé Falqueto denisfalqueto at gmail.com
Thu Sep 1 11:02:03 EDT 2011

On Thu, Sep 1, 2011 at 10:03 AM, Paulo Guedes
<paulorenatoguedes at gmail.com> wrote:
> Then there isn't any need to worry and everything is safe, right?

As long as the keys used to sign the tar balls arent't compromised, we
shouldn't worry. They weren't, according to kernel.org admins. I don't
know if Arch kernel maintainers check the signatures, but it is easy
do to it now, if needed be. And makepkg from next pacman's release
will have an option to check signatures automatically, easing the
process even more.

A: Because it obfuscates the reading.
Q: Why is top posting so bad?

Denis A. Altoe Falqueto
Linux user #524555

More information about the arch-general mailing list