On 04/23/13 at 04:40pm, John Lane wrote:
> Now that Samba 4 is the deault, I think the ntp package needs to be
> configured with '--enable-ntp-signd' because this is needed for Active
> Directory clients to be able to synchronize time via the Active Directory
> component of Samba 4. As far as I kno
Denis A. Altoé Falqueto on Wed, 2013/04/24 17:18:
> I would say that the best way to assure you're using the correct file,
> as intended by the original developers, is to use digital signatures
> to check the sources. Not all projects sign their releases, but for
> those who do, you can use makepk
Packages are signed, unless they're infected at the source, you can't
attach/embed malware in them enroute to your machine.
Upstream could insert much more incidious things into a package then
malware. Scanning for malware is only going to help you find known
pieces of malware with known signautre
On Wed, 2013-04-24 at 13:47 -0400, Mark E. Lee wrote:
> As seen by some malignant Android apps, trust in the
> developer/maintainer does not always work
IMO this is an improper comparison. The Android community is completely
different to the Linux, BSD etc. communities. You might call Android a
Li
No.
There is package signing now. You already verify that the guy who put
his package on the repo is the guy you trust as your binary source.
How do you know? Because you could build the exact same binary with an
archlinux source package and current devtools. The unholy mess gcc is
is entrusted wi
On Tue, Apr 23, 2013 at 2:10 PM, Mark E. Lee wrote:
> While building packages on the AUR, I was wondering that except for
> manual user intervention (by reading the code), I didn't have any other
> methods of knowing if a package had malware or viruses. Hence, I was
> wondering if virus scanning v
On 2013-04-24 13:47, Mark E. Lee wrote:
> As seen by some malignant Android apps, trust in the
> developer/maintainer does not always work towards the goals of the end
> users. Packages downloaded from the main repos or built from the AUR
> should be scanned for both windows and linux malware to en
Hi
On Tue, Apr 23, 2013 at 5:49 AM, Hussam Al-Tayeb wrote:
> On Tuesday 23 April 2013 09:05:33 Ross Lagerwall wrote:
>> Hi,
>>
>> Is there a reason (other than lack of time) that libxml2 has not been
>> updated from 2.8 to 2.9 (now 2.9.1)?
>>
>> Regards
>
> As far as I can tell, it breaks a lot o
8 matches
Mail list logo
