On Sat,12.Jul.08, 06:12:33, Joe Smith wrote: > However, if the security updates come from trusted security mirrors rather > than > a general mirror, that attack would fail too. So with the exception of Sid or > Testing users that do not use the testing-security system to receive security > updates, Debian really is not terribly vulnerable to this. How about distributing the Release files *only* from a trusted server?
Regards, Andrei -- If you can't explain it simply, you don't understand it well enough. (Albert Einstein)
signature.asc
Description: Digital signature
