[arch-general] Integrating Virus Scanning for Packages Handled by Pacman
Christian Hesse
list at eworm.de
Thu Apr 25 06:00:09 EDT 2013
Denis A. Altoé Falqueto <denisfalqueto at gmail.com> on Wed, 2013/04/24 17:18:
> I would say that the best way to assure you're using the correct file,
> as intended by the original developers, is to use digital signatures
> to check the sources. Not all projects sign their releases, but for
> those who do, you can use makepkg's support for GPG signature
> checking.
I do know some projects which sign their packages buy Arch PKGBUILDs do not
use them. Package 'postfix' is an example. Do the developers want bug reports
about that?
--
main(a){char*c=/* Schoene Gruesse */"B?IJj;MEH"
"CX:;",b;for(a/* Chris get my mail address: */=0;b=c[a++];)
putchar(b-1/(/* gcc -o sig sig.c && ./sig */b/42*2-3)*42);}
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: not available
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20130425/bc3790e9/attachment-0001.asc>
More information about the arch-general
mailing list