scratch65...@att.net wrote:
> On Fri, 10 Oct 2014 14:47:27 -0500, you wrote:
>
>
>> On 10/10/2014 1:12 PM, scratch65...@att.net wrote:
>>
>>> On Fri, 10 Oct 2014 12:57:42 -0500, Brian Drewery wrote:
>>>
>>>
>>>> find /usr/share/keys/pkg -exec sha256 {} +
>>>>
>>> No such file
>>>
>> That's your problem. You are missing the signature fingerprints to
>> compare against. As such Pkg is refusing to do anything to prevent MITM
>> attacks.
>>
>> You are missing this:
>> https://www.freebsd.org/security/advisories/FreeBSD-EN-14:03.pkg.asc
>>
>> freebsd-update can provide it.
>>
>
> Thank you for the pointer.
>
> What puzzles me is why the problem wasn't fixed for o/s versions
> prior to 10.0 since it was being made mandatory for those
> versions. That doesn't seem like good practice.
>
We have a winner! <3\
--
Michelle Sullivan
http://www.mhix.org/
_______________________________________________
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
