Re: pkgsrc binary packages security with pkgin

To: netbsd-users%netbsd.org@localhost
Subject: Re: pkgsrc binary packages security with pkgin
From: yarl-baudig%mailoo.org@localhost
Date: Sun, 26 Jan 2020 00:56:37 +0100 (CET)

Is there projects to improve this?

De : maya%NetBSD.org@localhost
À : yarl-baudig%mailoo.org@localhost
Sujet : Re: pkgsrc binary packages security with pkgin
Date : 25/01/2020 23:11:25 Europe/Paris
Copie à : netbsd-users%netbsd.org@localhost

On Sat, Jan 25, 2020 at 01:34:34AM +0100, yarl-baudig%mailoo.org@localhost wrote:
> Hello,
>
> May I ask how is safe the use pkgsrc binary packages. For example using pkgin. Does libfetch is doing fine with https? Any thoughts?
>
> Is the authenticity and integrity of packages installed this way is guaranteed assuming no bugs in software involved?

No.

>
> Is it safer to compile by yourself?

Yes.

This is a very unfortunate case.

References:
- Re: pkgsrc binary packages security with pkgin
  - From: maya

Prev by Date: EST available frequencies drops during operation
Next by Date: Re: EST available frequencies drops during operation
Previous by Thread: Re: pkgsrc binary packages security with pkgin
Next by Thread: EST available frequencies drops during operation
Indexes:

Home | Main Index | Thread Index | Old Index