[arch-general] Firefox without signature checking
Leonid Isaev
leonid.isaev at jila.colorado.edu
Sat Jan 2 22:39:33 UTC 2016
On Sat, Jan 02, 2016 at 11:25:12PM +0100, Niels Kobschaetzki wrote:
> What about an AUR-package with a pre-compiled binary? Sure I have to
> trust the maintainer.
No, this is a recipe for spreading malware. Also, have you seen the size of
said binary?
> But I also have to with a source-package since I
> won't check the sources with each release ;)
Which is plain stupid.
Best,
--
Leonid Isaev
GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4
C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D
More information about the arch-general
mailing list