From: James Cleverdon <jamesclv@us.ibm.com>
To: Gilad Ben-ossef <gilad@benyossef.com>
Cc: Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: Re: One for the Security Guru's
Date: Wed, 23 Oct 2002 15:14:07 -0700 [thread overview]
Message-ID: <200210231514.07192.jamesclv@us.ibm.com> (raw)
In-Reply-To: <1035381547.4182.65.camel@klendathu.telaviv.sgi.com>
On Wednesday 23 October 2002 06:59 am, Gilad Ben-ossef wrote:
> On Wed, 2002-10-23 at 15:45, Alan Cox wrote:
> > On Wed, 2002-10-23 at 14:02, Robert L. Harris wrote:
[ Snip! ]
>
> .... For example - when you
> download a new update of a kernel (or any program for that matter)
> source/patch (or binary package) from the net do you check the GPG
> signature validity? I would be VERY surprised if you answer 'yes'...
>
> :-))
>
> Gilad.
Be surprised: I run "gpg --verify foo.tgz.sign foo.tgz" every time I download
from kernel.org. And, "rpm --checksig *.rpm" on stuff from redhat.com too.
Given the recent trojaned source packages, I recommend that everyone do the
same.
= = = =
The preceding public service message has been sponsored by Anal Retentive
Sysadmins .Org (Motto: Constipation: It's not just a gob, it's a career!)
> > Alan
--
James Cleverdon
IBM xSeries Linux Solutions
{jamesclv(Unix, preferred), cleverdj(Notes)} at us dot ibm dot com
next prev parent reply other threads:[~2002-10-23 22:08 UTC|newest]
Thread overview: 51+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-10-23 13:02 One for the Security Guru's Robert L. Harris
2002-10-23 13:13 ` John Jasen
2002-10-23 13:20 ` Keith Owens
2002-10-24 7:56 ` Greg KH
2002-10-23 13:45 ` Alan Cox
2002-10-23 13:59 ` Gilad Ben-ossef
2002-10-23 22:14 ` James Cleverdon [this message]
2002-10-23 22:17 ` James Stevenson
2002-10-23 22:39 ` James Cleverdon
2002-10-23 22:44 ` James Stevenson
2002-10-24 6:12 ` Gilad Ben-Yossef
2002-11-06 21:39 ` Florian Weimer
2002-10-23 14:57 ` Richard B. Johnson
2002-10-23 17:56 ` Gerhard Mack
2002-10-24 9:38 ` Henning P. Schmiedehausen
[not found] ` <ap8f36$8ge$1@dstl.gov.uk>
2002-10-24 10:01 ` Tony Gale
2002-10-24 16:13 ` Gerhard Mack
2002-10-24 16:39 ` Henning P. Schmiedehausen
2002-10-24 16:34 ` David Lang
2002-10-24 17:04 ` Gilad Ben-Yossef
2002-10-25 9:44 ` Henning Schmiedehausen
2002-10-25 20:52 ` H. Peter Anvin
2002-10-26 10:43 ` Henning P. Schmiedehausen
2002-10-27 10:17 ` Rogier Wolff
2002-10-28 7:47 ` Chris Wedgwood
2002-10-24 22:02 ` Danny Lepage
2002-10-25 9:40 ` Henning Schmiedehausen
2002-10-24 14:23 ` Gilad Ben-ossef
2002-10-25 4:09 ` Stephen Satchell
2002-10-25 13:47 ` Stephen Frost
2002-10-26 10:38 ` Rogier Wolff
2002-10-26 9:44 ` Rogier Wolff
2002-10-26 10:46 ` Henning P. Schmiedehausen
2002-10-23 16:23 ` Henning P. Schmiedehausen
2002-10-23 17:55 ` David Lang
2002-10-23 19:46 ` H. Peter Anvin
2002-10-23 22:15 ` James Stevenson
2002-10-24 9:47 ` Henning P. Schmiedehausen
2002-10-25 12:28 ` Daniel Egger
2002-10-25 15:22 ` Alex Riesen
2002-10-25 16:38 ` Stephen Satchell
2002-10-25 18:21 ` [OT] " J Sloan
2002-10-26 10:40 ` OT " Rogier Wolff
2002-10-24 10:11 ` Ville Herva
2002-10-24 11:09 ` Henning P. Schmiedehausen
2002-10-24 11:55 ` Alan Cox
2002-10-24 14:40 ` Henning P. Schmiedehausen
2002-10-24 15:36 ` Alan Cox
2002-10-24 16:46 ` Eric W. Biederman
2002-10-24 6:04 ` David Wagner
-- strict thread matches above, loose matches on Subject: below --
2002-10-23 21:49 Hank Leininger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200210231514.07192.jamesclv@us.ibm.com \
--to=jamesclv@us.ibm.com \
--cc=gilad@benyossef.com \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).